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« Microsoft sets up a $5 million bounty fund to nab virus and worm writers. 
= A congressman retreats on security audit bill after pressure from IT vendor groups. 
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Nothing escapes Neil Montgomery’s steely gaze. 

The CEO of Davis Controls gets automatic alerts on his PC 
telling him what’s happening in his business throughout the day, 
such as booked orders, overdue accounts and late deliveries. 
Welcome to the world of business activity monitoring. Page 27 


Wal-Mart Suppliers Shoulder 
Burden of Daunting RFID Effort 


Top 100 face cost, 
deadline pressures 


| that the Bentonville, Ark.- 
based retailer has set for com- 
pliance with its radio frequen- 
cy identification technology 
directive, but the rest have 
been asked to follow suit by 
the start of 2006. 


| 
BY CAROL SLIWA 
Wal-Mart Stores Inc. last week | 
drew over 120 suppliers to a | 
meeting it hosted at the Holi- | 
day Inn in Springdale, Ark., to | 
detail its guidelines for using | 
RFID tags on shipping pallets | 
and cases of merchandise. | 

Only the top 100 suppliers | 
face the January 2005 deadline | 


McCarran International Airport 
in Las Vegas is rolling out an RFID 
bag-tagging project: 
QuickLink 42655 
www.computerworld.com 
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| of the suppliers,” 


a | 


Some analysts and consul- 


tants said most of Wal-Mart’s 
suppliers will be challenged to | 


meet the deadline, and they 
will be hard-pressed to come 
up with a plan well enough 
conceived to justify the ex- 
pense. 

“Right now, the benefits ar 
primarily for Wal-Mart, and 


e 


the costs are the responsibility | 


said Kara 


Romanow, an analyst at AMR 


Research Inc. in Boston. Ro- 


| manow estimated start-up 


| costs at $13 million to $23 mil- 
lion for a supplier that ships 


50 million tagged containers 


| per year. Costs include RFID 


tags, readers, system integra- 

tion and changes to supply 

chain applications, she said. 
Romanow said she thinks 


cost-sharing discussions be- 
| tween Wal-Mart and its sup- 


pliers will be needed. The 


| tags, one of the key potential 


Wal-Mart, page 
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Linux Infusion 


Gives Novella 
Needed Boost 


Users say SUSE acquisition should help stem 
Ne tW. are make rs smarke t- “share hemorrhag xing y 





BY TODD R. WEISS 

After years of watching Nov- 
ell Inc. lose market share to 
Microsoft Corp. and other 
vendors, a lot of Novell users 
are saying the company’s de- 
cision to acquire SUSE Linux 
AG could be exactly what’s 
needed to revitalize the mid- 
die-aged developer of Net- 
Ware. 

Together with its 
acquisition of Linux 
desktop vendor Ximi- 
an Inc. earlier this year, Nov- 
ell’s $210 million purchase of 
SUSE, announced last week 
(QuickLink 42574], will help 
the company make its prod- 
uct offerings more com- 
pelling, users said. 

“The one part that Novell 
has always been a little disap- 
pointing [in are] the applica- 
tions that run on their server 


Inside 
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{software],” said Brian Czaj- 
kowski, director of MIS at 
Perry Equipment Corp., an 
industrial filtration supplier 
in Mineral Wells, Texas. “I 
don’t know everything that’s 
coming on the Linux side, but 
it tends to make me think 
that maybe they’re going to 
have a good, solid application 
server there.” 

Also good for Nov- 
ell users, he said, is 
the related news last 
week of IBM’s $50 million in- 
vestment in Novell to extend 
existing partnerships be- 
tween IBM and SUSE. “That 
is a pretty bold move,” Czaj- 
kowski said. “I was glad to 
see that, probably even more 
than the Linux [acquisition].” 

Another Novell user, John 
Jakus, IT manager at Valence 

Novell, page 16 


Why SUSE Over Red Hat? 


Chris Stone, 
Novell's vice 
chairman, spoke 
with Computer- 
world’s Don 
Tennant last 
week about why 
his company 
chose to acquire SUSE Linux in- 
stead of Red Hat. Excerpts from 
the interview follow: 


A 


Did you consider acquiring 
Red Hat as well? Sure, we 


looked at everything. The two 
largest were Red Hat and SUSE, 
and then we looked at the oth- 
ers; there are a good 35 Linux 
[operating systems] there. Obvi- 
ously, Red Hat was a bit pricey, 
so we decided we had the best 
fit - economically, peoplewise, 
culturally - with SUSE. They 
think like we do; they work like 
we do. They're very technically 
competent. So it was a really 
natural fit. 

Stone, page 16 
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You're being asked to do more. You're being asked to do it with less. Microsoft” Windows” Server 2003 is designed to 

‘ help you manage these opposing forces with powerful server consolidation capabilities that increase efficiency, decrease 
man-hours, and lower your total cost of ownership.-Download your free evaluation copy of Windows Server 2003 at 
microsoft.com/windowsserver2003 Software for the Agile Business. 


| UE CRA ke ad) manages over 122-terabytes of data to provide consumer behavior insights, advanced analytics, and _ 
decision analysis tools for some of the largest consumer packaged goods, healthcare, retail, and financial companies in the world. To meet 
increasing demand for faster, more granular business intelligence while reducing costs, IRI is using 64-bit editions of Windows Server 2003 
and SQL Server™ 2000 on an Intel Itanium 2 system to deliver faster answers to its customers. The result? IRI will be able to process more 
queries, using a fraction of the number of servers while realizing significant.cost savings and improving customer service. 
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to be the same server. 


The AMD Opteron processor, superior 32-bit performance with expanded 64-bit capability. 


It’s the only server processor designed to run your 32- and 64-bit applications simultaneously and without compromise. 


AMD Opteron runs on AMD64, a breakthrough architecture that enables 64-bit technology on the x86 platform—creating 
a new class of computing. 

The world’s highest performing 2P and 4P industry standard servers 

are now powered by AMD Opteron processors. Get unparalleled 32-bit 


performance and the ability to transition seamlessly to 64-bit computing. 


Opteron 


Leverage your existing investments while preparing for the future. It’s one architecture 
across your enterprise that offers industry leading performance for your 32-bit applications, and doesn’t 
require a forklift upgrade as more 64-bit applications emerge. It’s just another way AMD designs and builds 


processors with you in mind. For a closer look at the AMD Opteron processor, visit www.amd.com/opteron 
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Al Loves Lucy 


In the Technology section: This week’s Future Watch 
tells how a robot baby orangutan named Lucy may 
help researchers develop a machine that can supple- 
ment or even supersede the digital computer — a 
machine that can think, feel and learn. Page 36 


NEWS 
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Catering to the Wealthy 


In the Management section: Companies are using IT to 
identify and pamper their richest customers. At Harrah’s, 
CIO Tim Stanley (left) says his company entices casino 
customers by putting IT dollars behind its loyalty pro- 
gram and CRM application. Page 41 
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Banks will be able to ex- 
change electronic images of 
checks under a law that takes 
effect next October, provided 
the necessary technology is 
available by then. 


Microsoft offers $5 million in 
reward money to help nab ma- 
licious code writers, but some 
say it could be better spent. 


Microsoft opponents are push- 
ing for the courts to impose 
tougher restrictions, some of 
which would help Linux. 


SAP upgrades its Enterprise 
Portal software and broadens 
operating system support. 


Voice over IP is still drawing 
skepticism from users who 
wonder if the cost is justified. 


MCI’s emergence from bank- 
ruptcy protection could mean 
lower telecom costs for users, 
maybe even a price war. 


Security administrators ex- 
pect to spend most of their 
time next year focusing on 
privacy issues and regulatory 
compliance. 


14 A bill mandating cybersecuri- 


ty accountability is shelved 
amid pressure from vendors. 


14 Veritas targets regulatory 


compliance and data life- 
cycle management with new 
storage tools. 


)&A: Gerry Cohen, CEO of 
Information Builders, predicts 
an upswing for the business- 
intelligence market. 


27 Eyes Everywhere. Business 
activity monitoring systems 
draw on several types of ap- 
plications to allow managers 
to take the pulse of their com- 
panies. But the technology 
isn’t yet mature. 


32 Emerging Technologies: 
Making Access a Figure of 
Speech. Voice authentication 
technology potentially offers 
users easy, secure access to IT 
systems, but accuracy and 
standards are still evolving. 


38 Security Manager’s Journal: 
SSL Broadens VPN Access. 
An alternative Secure Sockets 
Layer VPN opens up the cor- 
porate network to more users, 
but it also poses new security 
challenges to Vince Tuesday. 
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44 Supply Chain vs. Supply 
Chain. The very nature of 
business competition is 
changing, from company vs. 
company to supply chain vs. 
supply chain. IT has a big — 
and difficult — role to play. 


8 On the Mark: Mark Hail chats 
with an engineer whose 
team’s work will save Agilent 
a cool million per year. 


24 Maryfran Johnson hates the 
marketingspeak from vendors 
about grid, utility or whatever 
computing. So she asked users 
what their Grand Unified 
Buzzword would be. 


24 Pimm Fox hits pay dirt when he 
talks to an exec in the oil patch 
about the best way to handle 
supply chain management. 


25 David Moschella thinks 
Accenture may have hit a hole 
in one when it hired Tiger 
Woods for its latest marketing 
campaign. Service companies 
could replace product compa- 
nies as industry leaders. 


Robert L. Mitchell warns 
against blowhards selling 
snake oil to satisfy your secu- 
rity needs. 


46 Bart Perkins lists several 
reasons why users may be un- 
happy over outsourcing deals. 


56 Frankly Speaking: Frank 
Hayes reveals that most IT 
vendors will support products 
well beyond the end of their 
lives, allowing you to do noth- 
ing when facing upgrades. 
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What the Tech-Job Exodus 
Means to U.S. Programmers 


CAREERS: Though global ramifications are 
very hard to predict, computer guru Ed Your- 
don is again warning of disaster because of 
competition from low-priced, high-quality 
Indian software professionals, reports Ca- 
reer Journal’s Bob Davis. @ QuickLink 42540 


Object-Based Storage for 
Linux Clusters 


STORAGE: RAID developer Garth Gibson 
looks at the challenges of storage in large 
clusters and provides an overview of object- 
based storage architecture. @ QuickLink 42441 
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Reusable Assets 


DEVELOPMENT: How to get value from asset- 
based development. @ QuickLink 42610 


Network Security: Ask the Experts 
NETWORKING: Have a question about keep- 
ing your network safe from malicious at- 
tacks, careless users, poor configurations 
and other threats? As part of our January 
Knowledge Center special report on network 
security, we invite you to send ina query to 
our panel of experts. Topics can include re- 
mote-access policies, monitoring tools, out- 
sourcing issues and other concerns. Send 
queries to: AskAnExpert@computerworld.com; 
sorry, due to the expected volume, not all 
questions will be answered. 
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What's a QuickLink? 
Throughout each issue of 
Computerworld, you'll 

see five-digit QuickLink codes 

pointing to related content on 
our Web site. Also, at the end of 
each story, a QuickLink to that 
story online facilitates sharing it 
with colleagues. Just enter any 
of those codes into the Quick- 

Link box, which is at the top of 

every page on our site. 





AT DEADLINE 


Attack on Linux 
Kernel Thwarted 


Linux kernel developers said they 


removed a Trojan virus that an at- | 


tacker had planted on a server 
that hosts a copy of the operating 
system’s source code. The kernel 
file had been changed to allow the 
attacker unauthorized access to 
Linux distributions built with the 
affected source code, the devel- 
opers said. But they added that 
the server isn’t widely used. 


PeopleSoft Refund 
Offer Target of Suit 


Attorneys pursuing a sharehold- 
ers lawsuit against PeopleSoft 
Inc. filed a motion to block the 
company from promising refunds 


to users if it’s acquired. The move | Bu: 
| effect on that date next year. It 


came one week after PeopleSoft 
expanded the time frames of the 
refund offer and the actions by an 
acquiring company that would 
trigger it. PeopleSoft, which faces 
a takeover bid by Oracle Corp., 
said it wanted to give users a 
higher level of security. 


ed Cybersecurity 
Policy to Be Revised 


The Bush administration is rewrit- 
ing a 1998 policy document on 
cybersecurity and critical infra- 
structure protection to take into 
account post-Sept. 11 homeland 
security requirements, sources 
said. A draft version of the rewrite 
places increased emphasis on the 
role of the private sector. 
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Akamai, C&W to 
Settle Lawsuits 


are BREA ANE AT, 


Akamai Technologies Inc. and Ca- | 


ble & Wireless PLC’s U.S. unit an- 
nounced a deal to settle patent- 
infringement lawsuits related to 
their rival content delivery net- 
work services. No money will 
change hands. But Cambridge, 
Mass.-based Akamai can pursue 
a damages claim resulting from a 
2001 jury ruling that San Francis- 
co-based C&W America had in- 
fringed on one of its patents. 
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Banks Await Software for 
Exchanges of Check Images 


KEY FEATURES 


Law will allow use of images to settle 


BY LUCAS MEARIAN 
ANK IT managers last 
week said a new law 
that will let electronic 
check images be used 


to settle payments could save 
| the financial industry billions 


of dollars. But the technology 
needed to support exchanges 


| of images is still under devel- 
opment, they added. 


The Check 21 bill, formally 


| known as the Check Clearing 


for the 21st Century Act, was 
signed into law by President 
Bush on Oct. 28 and will take 


frees banks from having to 
send paper checks to one an- 
other and sets the stage for 


| major IT changes, including 


the addition of branch-based 


| scanning systems, new data 


repositories and automated 


| image processing applications. 


Analysts estimate it will 


save the industry more than $2 | 


billion per year, mostly in 


| shipping costs. 


But Doug Smith, senior vice 


| president of planning and en- 
| gineering at Bank of America 
| Corp. in Charlotte, N.C., said 


an industrywide rollout of 


| electronic check clearance 


and settlement technology 


| will likely take years. 
| He added that although Bank | 
| of America has installed imag- 


ing systems that let customers 
view their checks online, it 
doesn’t have electronic pre- 
sentment software to handle 
the exchange of check images. 
Bank of America and J.P. 
Morgan Chase & Co., with 
help from Viewpointe Archive 
Services LLC, conducted a six- 


| month image exchange test 


project that ended last Febru- 
ary. Viewpointe, which was 
founded in 2000 by the two 
banks and IBM, stores 22 bil- 
lion check images per year. 





Jennifer Lucas, a spokes- 





| payments, but IT changes are needed 


woman for Viewpointe, said 


| the test project ran into prob- 


lems when the banks tried to 
use check images to deal with 
so-called day-two settlements 
involving returned checks and 
other exceptions. Day-two 
processes are “paper-reliant” 
and couldn’t handle the elec- 
tronic images, Lucas said. 

The cost of deploying imag- 
ing applications to handle day- 
two work alone can range 
from $4 million to $6 million 
for large banks, she added. 

Ted Kute, senior vice presi- 
dent of item processing and 
treasury management opera- 


| tions at Huntington Banc- 


shares Inc., said the Colum- 
bus, Ohio-based company has 
been doing check imaging for 
its customers for the past 
eight years. It also archives 
images for research uses, such 
as risk management analysis. 
But Huntington is still wait- 
ing for image exchange soft- 


| ware that supports common 





Check Replacement Document 


Processing data 5 
L.. 2013500320¢ 


03/04/2002 
8567408979 
f 


@ Se mse 


MMs 


£053000383) 03/03/2002-— 
2800539446 


Optional 2-D 7 
bar-code 
security | 
feature 

specifications for electronic 
versions of checks, Kute said. 
“The industry has to develop 
the standards around what 
will be the acceptable image 
— a TIFF image, a JPEG file,” 


| he said. “It’s going to take 
| quite a bit of investment for 


many banks.” Using check im- 
ages will also require “a lot 
more storage,” Kute added. 
Brian Black, managing di- 
rector of operations and pay- 


| ments at the Chicago-based 


Bank Administration Institute, 
said the biggest roadblock to 
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gaining widespread accep- 
tance from banks. The law 
doesn’t require them to accept 
checks in electronic form. “If 
one bank is sending and anoth- 
er can’t receive, there’s going 
to be a problem,” Black said. 
But Check 21 has the poten- 
tial to create huge cost savings 
for banks, mostly through re- 
duced transportation and 
check-handling costs, Smith 
said. Clearing and settling pa- 
per checks requires manual 
data entry and the shipment of 
checks to the banks that is- 
sued them, he noted. @ 42679 


Banks’ Joint Ventures Make Imaging a Priority 


Check 21 doesn’t address ex- 
changes of check images or the re- 
placement of paper-based settle- 
ment processes with automated 
applications. But several develop- 
ment efforts are under way in the 
financial services industry to help 
eliminate the need for banks to 
ship checks to one another. 

For example, Viewpointe this 
week will announce that it's team- 
ing with Data Support Systems 
Inc., an Omaha-based software 
vendor, to offer a pay-per-use ASP 
approach to automating the day- 
two settlement process inside 
banks. 

Smail Value Payments Co. in 
New York is another bank-owned 
entity that's focusing on check- 


imaging technology. SVPCo, which 
is owned by a group of 22 large 
banks, is setting up a national net- 
work and switching center to man- 
age the exchange of check im- 
ages. The development work is ex- 
pected to be completed by March, 
a spokesman said. 

The Electronic Check Clearing 
House Organization, a Dallas- 
based not-for-profit company 
that's owned by 24 banks, has cre- 
ated a set of rules that cover things 
such as electronic check present- 
ment, returned checks and guar- 
rantees that one bank would pro- 
vide to another when exchanging 
images. SVPCo has licensed the 
rules for use by its customers. 

In addition, specifications gov- 


erning the layout, data elements, 
content and printing of check im- 
ages have been developed by a 
working group within the Accredit- 
ed Standards Committee X9 Inc. 
standards body in Annapolis, Md. 

Despite all the IT-related activity, 
Doug Smith, senior vice president 
of planning and engineering at 
Bank of America, noted that banks 
will have to convince consumers to 
forgo getting their original checks 
back at the end of each month. 

“In a check-imaging world, we'd 
give our customers a picture,” 
Smith said. “The customer's will- 
ingness to accept that is a social 
decision. It’s really not a technolo- 
gy constraint.” 

~ Lucas Mearian 
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Microsoft Puts Up $5M Bounty 
To Nab Malicious: Code Writers. 


Virus attacks will 
cost businesses 
$12.5B this year 


BY PATRICK THIBODEAU AND 
JAIKUMAR VIJAYAN 
WASHINGTON 


The top target of virus writers, 


Microsoft Corp., is taking the 
offensive with a $5 million re- 
ward fund intended to catch 
malicious code writers who 
are costing businesses billions 
each year. 

Law enforcement agencies 
welcomed the help, and secu- 
rity experts said such rewards 
may produce good leads. But 
some IT managers said last 
week that Microsoft could 





find better ways to spend the 
money. 

“I would rather see Micro- 
soft make a solid investment 
in prevention and contain- 
ment” of viruses, said Connie 
Sadler, IT security director at 
Brown University in Provi- 
dence, R.L. As it is, it’s up to 
users to build barriers that 
limit the damage from a virus 
or worm, she said. 

Brown has network firewall 
rules that prevent one dorm 
from communicating with an- 
other if a problem occurs, said 
Sadler. “It would be nice to see 
some network operating sys- 
tem that would help us do 
that,” she said. 

Hugh McArthur, informa- 


Microsoft Antitrust Case 
Could Still Benefit Linux 


Opponents ask for tougher restrictions 


| still exist,” 





BY PATRICK THIBODEAU 
WASHINGTON 

Throughout the 5-year-old Mi- 
crosoft Corp. antitrust case, 
one of the chief potential ri- 
vals to Windows’ dominance 
cited in court arguments has 
been Linux. And that was true 
again last week, when oppo- 
nents of the 2001 Bush admin- 
istration settlement with Mi- 
crosoft returned to appeal that 
ruling. 

The sole holdout state, 
Massachusetts, asked the 
court to impose remedies that 
it contends are needed to help 
Windows rivals, which essen- 
tially means Linux. The state, 
which was the first to seek ac- 
tion against Microsoft, wants 
the settlement to require the 
Microsoft Office suite to be 
ported to Linux. 


“In today’s environment, Of- 


fice is the [key] to the barrier 
of entry for commercial 
users,” said Steven Kuny, the 
attorney representing Massa- 





chusetts at a U.S. Court of Ap- 
peals hearing last week on the 


| settlement. 


That’s not all Massachusetts 
wants. Its remedy proposal 
would also require an open- 
source version of Internet Ex- 


| plorer, as well as provisions to 
ensure that Windows includes 


Java. 

Two trade groups, the Com- 
puter & Communications In- 
dustry Association and the 
Software & Information In- 
dustry Association, which rep- 
resent Microsoft’s competi- 
tors, are also challenging the 
settlement. 


| Pointed Questions 


Whether the court will send 


| the case back to U.S. District 


Judge Colleen Kollar-Kotelly 
is the current question. The 
six judges who heard argu- 
ments were dispassionate but 
pointed in their questions, fo- 
cusing on issues that have 
been central to the case: the 





| tion security officer at Mc- 


Lean, Va.-based Online Re- 


| sources Corp., an online bill- 
| processing firm, also had 

| doubts about the reward pro- 
| gram’s effectiveness. 
| not address the underlying is- 
| sue that the vulnerabilities that | 


“It does 


the worms and viruses attack 
he said. “The re- 
sources might be better spent 


| fixing those problems than go- 
| ing after [virus writers].” 


| Multiple Fronts 
| Microsoft officials said the re- 
| ward fund, announced last 


week, isn’t a substitute for im- 
proving the security of its 
Windows software, which re- 
mains the company’s top secu- 


Oye Mem UCM CN (Tat 
ment’s settlement with Mi- 
crosoft asked the U.S. Court 
ir eR Olle ig 
outta 


Court could re- 
mand the case to a lower 
Pea M Cm AC mel a 
Crt er mel tell 
and effectively end the case. 


Trey 
ths away. 


commingling of Internet Ex- 

plorer’s code with the operat- 
ing system, the adequacy of 

application programming in- 
terface disclosures needed to 
ensure application interoper- 
ability with the Windows op- 


| erating system, and whether 
| the remedy addressed any 


gains by Microsoft from its 


| anticompetitive conduct. 


Bill Claybrook, an analyst at 
Aberdeen Group Inc. in Bos- 
ton, said porting Office to Lin- 


| ux would give the open-source 
| Operating system a big boost 


because of the importance of 
Office in enterprises. 

“I think you would see a 
huge uptake in Linux use on 





| get it 
| soft. “They don’t think they 
| have done anything wrong.” 





rity priority. The reward pro- 
gram was spawned in recogni- 
tion that the company needs 
“to move on multiple fronts” 
to address the problem, said 
| Brad Smith, Microsoft’s gener- 
| al counsel. 

There’s no question that the 


| problem is a huge one. Ac- 

| cording to security software 

| maker Symantec Corp., 450 

| new viruses and worms are re- 
| leased each month. Most are 


written by males age 14 to 24, 
said Carey Nachenberg, chief 
architect at the Cupertino, 
Calif.-based company. “The 
majority of those threats are 
targeting the Windows plat- 
form,” he said. 

Computer Economics Inc., a 


| Carlsbad, Calif.-based consul- 


tancy, estimates that virus at- 
tacks will cost businesses 
worldwide $12.5 billion this 


| year, a figure expected to rise 
| to $14 billion next year. That 


includes costs related to busi- 


the desktop,” he said. Micro- 
soft would still be owed a li- 
censing fee, but even with 
that, Claybrook believes IT 
managers would be more in- 
clined to consider Linux. 

The judges spent little time 
on the government’s argument 
that courts usually give defer- 
ence to government antitrust 
settlements, said Bob Lande, 
an antitrust professor at the 
University of Baltimore 
School of Law, who took that 
as a sign that the court is tak- 
ing a new look at some of the 
issues in the case. “I think the 


| settlement is in doubt,” said 


Lande. 
Tom Reilly, attorney general 


| of Massachusetts, said after 
| the hearing that Microsoft 
| wasn’t held accountable by the 


settlement with the Bush ad- 
ministration. “They still don’t 
.” Reilly said of Micro- 


But Brad Smith, Microsoft's 


| general counsel, said the com- 


pany has acknowledged the 
court findings about its ac- 


| tions. He also said Microsoft 


has “been very clear in re- 
building and refashioning our 
relationship with the rest of 


the industry.” @ 42671 
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@ MSBiast.A worm author 


REWARD: $250,000 for 
arrest and conviction 


" wSobig virus author 
REWARD: $250,000 for 
arrest and conviction 


ness interruptions and IT se- 
curity service purchases 
among other factors. 

Law enforcement officials 
from the FBI and U.S. Secret 
Service joined Microsoft in 


| announcing the program but 


offered no prediction on its 
success. 

The first two rewards were 
set at $250,000 each for the au- 
thors of the MSBlast.A worm 
and the Sobig virus. Some se- 
curity analysts said the re- 
wards may encourage inde- 
pendent computer experts, 
hackers, corporate IT profes- 
sionals and others to under- 
take detective work. If a mali- 
cious code author “did it for 
bragging rights, or as a general 
‘experiment,’ then there is a 
chance that a reward might 
turn up leads,” said Eugene 
Spafford, director of the Cen- 
ter for Education and Research 
in Information Assurance and 
Security at Purdue University 
in West Lafayette, Ind. 

Rewards programs have 
been successful for the FBI 
and other law enforcement 
agencies and should work well 
in the digital realm, said 
Patrick Gray, a former FBI 


| agent and head of the emer- 


gency response team at At- 
lanta-based Internet Security 
Systems. 

“It’s unfortunate that things 
have come to this,” Gray said. 
“But it’s time to stop focusing 


only on the buggy software 
| and go after the criminal ele- 


ments that exploit [it] as well.” 


@ 42670 


THOUGHTS ON THE ON THE BOUNTY 


t: Interpol’ - direct or 
weighs in on Microsoft s bou 
QuickLink 42614 


Hack kers won't 


be deterred by Microsoft's reward offers. 


| say two virus writers: 


QuickLink 42685 
www.computerworld.com 





6} COMPUTERWORLD November 10, 2003 


BRIEFS 


Microsoft Issues 
Bug Fix for Office 


Microsoft Corp. issued a “criti- 
cal” update for Office System 
2003, less than a month after 
releasing the software. The up- 
date is designed to fix a bug that 
can cause problems when users 
open PowerPoint, Word or Excel 
files containing OfficeArt ele- 
ments saved in an earlier version 
of Office. Microsoft said the flaw 
wasn’t found in beta-testing be- 
cause it “was limited to such a 
small number of customers.” 


Cisco Sees Rise 
In Sales, Net Income 


Cisco Systems Inc. reported a 
5% year-over-year increase in 
revenue and a 76% jump in net 
profit for its first quarter, which 
ended Oct. 25. CEO John Cham- 
bers said a recovery in demand 
“appears to be slowly gaining 
momentum but is still fragile in 
the minds of our customers.” 


BY THE NUMBERS 
REVENUE 


eure} 


IBM Offers Lotus 
Tools as a Suite 


IBM announced a software suite, 
called Lotus Workplace, that in- 
tegrates four messaging, collab- 
oration and content management 
applications. The products have 
a single user interface and in- 
clude common navigation fea- 
tures, IBM said. In a separate 
announcement, the company 
said it has bundled a set of PC 
management services into an 
offering called IBM WorkPlace. 


Short Takes 


AVAYA INC. said it will develop 
converged networking products 
with EXTREME NETWORKS INC 
and resell Extreme’s switches. 
. .» BMC SOFTWARE INC. an- 
nounced a tool for managing 
mainframe databases from its 
Web-based SmartDBA console. 


NEWS 


MARK HALL ®*ON THE MARK 


No-frills VoIP Project 
Slashes Costs ... 


... at bottom-line-bleeding Agilent Technologies Inc. The Palo Alto, 
Calif.-based maker of scientific and engineering test equipment has 
been hemorrhaging cash since the 2001 downturn of the once-hot tele- 
com market. Word inside the $6 billion company is to cut costs every- 
where. For a global company with major operations centers in North 
America, Europe and Asia, a good place to start was the phone bill, 


says Pete Kimball, a voice network engi- | 
neer at Agilent. Unlike an angry parent | 
who yanks a phone out of a teenager’s 
room after seeing the costs rung up by 
the yakking kid, Agilent’s engineers did | 
what engineers do. They conducted a | 
study. Their first discovery, not surpris- | 
ingly, was that virtually all long-distance | 
intracompany calls took place in loca- | 
tions where IP networks were running. | 
The second discovery was 
that up to 75% of the compa- 
ny’s phone conversations were 
internal conference calls. 
Those two facts lit up 
bright-idea bulbs over lots 
of heads, and the company 
swung into action in Sep- 
tember to add voice-over-IP 
gateways to private branch 
exchanges in eight of its 
nine global centers. The 
first phase of the deploy- 
ment will be completed this 
month. “We’ve done noth- 
ing extraordinary,” says 
Kimball. “It’s a straightfor- 
ward design.” Maybe. But 
the amount of money saved 
is extraordinary. Agilent 


Ipsum Networks Inc. in 
EC r MCL eee) 
releases Version 2.2 of 
its Route Dynamics soft- 
ware for its IP manage- 
ment appliances. With 
the upgrade, you can tie 
applications and ser- 
eee OES Hm eH LCi le) 
paths for ideal perfor- 
mance and get alerts 
when those preferred 
baseline paths are by- 
passed. Pricing is based 
on the number of Layer 3 
CCR Rate 


will pocket about $1 million in savings in 
the first year, hitting ROI in about the 
same time. The second phase of the VoIP 
project, which attacks voice over frame- 
relay operations in places like China and 
India, will also be rolled out this year, de- 
livering even more savings. ® Agilent’s 
choice for VoIP technology was Latitude 
Communications Inc. Users like the San- 
ta Clara, Calif.-based company’s Meeting- 
_ Place software, which is de- 
| signed to let them have live, 
interactive online meetings syn- 
chronized with VoIP and use 
tools like instant messaging 
and PowerPoint during 
meetings. Latitude’s iCreate 
2.0 turns PowerPoint into 
Flash demos for zippy per- 
formance online. Latitude is 
so enamored with Flash that 
it will replace its current Java 
Web conferencing engine with 
Flash sometime in mid- 
2004. By the end of this 
quarter, Latitude will give 
managers a detailed audit 
trail for IM usage, which is 
of particular interest to 
those needing to comply 





www.computerworld.com 


with SEC, HIPAA and other data reten- 
tion and control regulations. ® Accessing 
DB2 tables on your mainframe can make 
certain operations a bit pokey. The folks 
at Data Kinetics Ltd. in Ottawa claim that 
tableBase Version 6, which ships today, 
can perform database table reads for DB2 
on 2/0S and 0S/390 hosts faster than if you 
put all of DB2 in cache. What’s more, with 
the new release, you can share IMS and 
DB2 tables on a single system and write 
to the tables. The upgrade also lets DB2- 
stored procedures make calls to table- 
Base, which cuts down on mainframe I/O 
operations and increases performance. 
Pricing is MIPS-based. ® Data integrity is 
paramount to virtually any database’s 
credibility. That’s why database adminis- 
trators are very particular about who can 
read and, especially, write data to their 
prized workhorse. Not so at Gracenote Inc. 
Emeryville, Calif.-based Gracenote sup- 
plies the information about songs ac- 
cessed by users of Apple Computer Inc.’s 


| iTunes music service. When you down- 


load your favorite Coldplay hit or Wagnerian 
aria or load a music CD on your PC, the 
data connected to the song has most like- 
ly been provided by users like you. Ac- 
cording to Chief Technology Officer Ty 
Roberts, Gracenote has hit upon an in- 
triguing scheme that lets any user classify 
music, for example, by genre in a democ- 
ratic fashion. “Users fill out data on the 
tracks, and we buffer it on our servers,” 
he explains. Music companies don’t pro- 
vide the information. Once multiple peo- 
ple confirm, say, that “Okie Dokie Stomp’ 
by Hollywood Fats Band is blues and not 
rock, Gracenote publishes it to the world. 
This approach has implications for data- 
base administrators who may have fields 
with subjective information in them. In- 
stead of choosing for your users, let them 
vote. Democratize the database! A catchy 
slogan for 2004, no? @ 42647 


, 


to reduce server costs. 
SAP has promised to inte- 





| BY MARC L. SONGINI 


SAP AG last week released an 


upgrade of its portal software 


that runs on operating systems 
other than Windows NT and 


| includes real-time collabora- 


tion tools, such as an instant 
messaging service. 

Greg Crider, director of 
product marketing for SAP 


| Enterprise Portal, said Version 


6 of the software supports 
newer Windows releases as 
well as the major versions of 
Unix. SAP also upped the 
number of supported lan- 





| guages from seven to 20 and 


added Web-based application 
sharing and virtual collabora- 
tion room capabilities in addi- 
tion to instant messaging, 
Crider said. 

To ease installation, SAP is 
bundling in adapters and pre- 
defined business rules de- 
signed to let users quickly 
hook applications to the por- 
tal. Content management and 
data categorizing and retrieval 
tools are also being added. 

Lufthansa AG, which runs 
human resources, finance and 





SAP Upgrades Portal, Widens OS Support 


other applications developed 


| by SAP, began using the new 


portal software in July as an 
early adopter. Thomas Endres, 
Lufthansa’s CIO, said a full 
rollout is due to be completed 
early next year and will give 
the German airline a backbone 
to support wide-ranging col- 
laborative processes. 

For instance, Endres wants 
to use the portal to let Luft- 
hansa’s software developers 
share and reuse code. He’s 
also looking to combine the 
company’s various intranets 





grate the portal software with 
third-party applications, ac- 
cording to Endres. “That is a 
key message I rely on,” he 
said, adding that Lufthansa is 
using Enterprise Portal with 
non-SAP products such as 
Documentum Inc.’s document 
management software. 

Laura Ramos, an analyst at 
Forrester Research Inc., said 
Version 6 isn’t a huge step be- 
yond SAP’s existing software. 
But it provides a foundation 
for future releases of SAP’s 
xApps cross-applications 
technology, she said. @ 42638 





Ellisisland.org Welcomes 
70 Million Visitors a Month 
With Oracle, HP and Red Hat 
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More than 70 million monthly visitors look for their past 
with the IT infrastructure of the future: 

HP Adaptive Enterprise Solutions, 

Red Hat Enterprise Linux, 

and Oracle Database. 
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Users Still Lee 
‘Io Voice-over 


| ogy to hundreds of workers at | 


Cite uncertainties 
about cost savings, 
ROI of new apps 


BY MATT HAMBLEN 
BOSTON 
ETWORKING ven- 
dors point to con- 
tinued growth in 
the adoption of 
voice-over-IP technology. But 
several users last week said 
they’re still skeptical about 
VoIP’s ability to deliver cost 
savings and the potential value 
of new applications that it 
makes possible. 

“We've been studying VoIP 
for two years, and we aren’t 
sure the cost is justified,” 
said Jeff Scott, a communica- 
tions project analyst at Indi- 
anapolis-based St. Vincent 
Hospital and Health Care 
Center Inc., which operates 
more than 80 medical facili- 
ties in Indiana. 

Still, Scott and a colleague 
said they got some encourag- 
ing insights for their potential 
VoIP project at the Next Gen- 
eration Networks conference 
here last week. St. Vincent has 
been calculating an estimate 
for the project based on an 
expected need to add quality- 
of-service software and new 
switches to its network. But 
the two IT staffers were told 
at a tutorial that the QoS ex- 
pense might not be necessary. 
The health care company 
plans to continue its evalua- 
tion “because everybody is 
doing [VoIP],” Scott said. 


Skeptics Speak 

Scott and his co-worker 
weren't deterred by skepti- 
cism that was voiced during a 
lunch table discussion by two 
VoIP adopters who work at fi- 
nancial services firms based in 
the Northeast. 

Both users asked that nei- 
ther they nor their companies 
be identified. One said a two- 
year rollout of VoIP technol- 


| functions “just 


| With MCI poised to emerge 
| from Chapter ll bankruptcy 


| users and analysts last week 
| predicted lower prices for 


| Michael Capellas said after the 





his company is being praised 


| by the IT managers who 


conceived the project. But 
it gets low marks from many 


| end users who say that call 
iuaiied a 5 eee 
CONNECTION TIME 


For more, head to our Net- 
working Knowledge Center 


@ QuickLink k1200 
www.computerworld.com 


| system is that it now costs equipment. But he plans to 


other call routing 


don’t work all the 

time,” he added. 
The primary 

benefit of the VoIP 


less than it once did 
to relocate end users or add 


| new ones. Employees now 


can set up service at different 
PC-based phones with a few 


| keystrokes instead of waiting 


IP 


NEWS 


for a technician to do hours 
of work. 

The second IT manager 
from a financial services firm 
said a trial project showed 
that the required investment 
wasn’t cost-effec- 
tive when judged 
purely on the fi- 
nancial ramifica- 
tions of converting 
analog and digital 
phones to VoIP 


continue testing the technol- 
ogy for vendor-touted appli- 
cations like voice interpreta- 
tion of e-mail text, video links, 
virtual whiteboard tools and 
voice connections over PCs. 





of Switch 
Systems 


Harvard University began 
an initial VoIP rollout in June 
for about 200 end users but 
isn’t seeing much cost savings 
over its previous telecommu- 


| nications system, said Scott 


Bradner, a senior technical 
consultant at the school. 

Bradner added that config- 
uring the VoIP equipment 
supplied by Cisco Systems Inc. 
has been “difficult.” But he 
predicted that the cost savings 
will increase as the new sys- 
tem is rolled out to a larger 
group of users. 

Johna Till Johnson, presi- 
dent of Nemertes Research 
LLC in New York, said 31 of 50 
large companies she surveyed 





www.computerworld.com 
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this year reported that they’re 
using VoIP technology. 
“Effective cost-justification 
is a major challenge,” Johnson 
said. But the survey showed 
that VoIP systems are about 
22% less expensive to operate 
than circuit-switched net- 
works, she said, adding that 
her research wasn’t sponsored 
by any IT vendors. @ 42678 


Lower Telecom Prices Expected as MCI Exits Bankruptcy 


| CEO pledges not to start price war but 


says vendor will ‘protect our territory’ 





BY MATT HAMBLEN 


protection early next year, 


voice and data networking 
services, if not an outright 
price war. 

MCI officials have sought to 
dispel such talk since U.S. 
Bankruptcy Court Judge 
Arthur Gonzalez approved the 
company’s financial reorgani- 
zation plan on Oct. 31. CEO 


ruling that MCI already faces 
“a brutal pricing environ- 
ment.” Capellas vowed not to 
start a price war with rivals 
like AT&T Corp. and Verizon 
Communications, although he 
added that MCI “will protect 
our territory, and we will be 
competitive.” 

Vinton Cerf, senior vice 
president of technology strat- 
egy at MCI, last week said in 
an interview that it would be 
“silly to initiate a price war 





and make up revenues in vol- 
ume.” He said that as voice 
revenues decline for all tele- 
communications vendors, 
MCI will put even more em- 
phasis on IP network services 
and “increase the range and 


| function of products and ser- 


vices we offer.” 

But several analysts said 
there is room for MCI, which 
is still legally known as World- 
Com Inc., to drop prices, and 
some users also see cost re- 
ductions ahead. Asked if he 
thinks prices will fall as MCI 
comes out of bankruptcy, Jeff 
Scott, a communications proj- 
ect analyst at St. Vincent Hos- 
pital and Health Care Center 
Inc. in Indianapolis, said, 
“You'd hope.” 


The Downside 

Jack Pavelko, lead telecommu- 
nications analyst at chemicals 
maker BASF Corp. in Mount 
Olive, N.J., also predicted that 
MCI’s emergence with low- 
ered debt will result in offers 





of lower prices for voice and 
data services. Pavelko said 
that would put pressure on 
competitors to drop their 
prices as well, but he lament- 
ed such a possibility. 
“Already, we get no cus- 


| tomer service from carriers, 


and now they’ll be fighting 
over fractions of pennies,” 
Pavelko said, referring to 

the per-minute cost of long- 
distance voice services. “Not 
in my lifetime will I ever work 


| with MCI. They deflated 


prices for three years, and 
their emergence from bank- 
ruptcy will push the market 
into further chaos.” 

BASF currently spends 


Pe ceeesecerecseeseeseesseeseesse 


Already, 

we get no 
customer service 
from carriers, 
and now they'll be 
fighting over frac- 
tions of pennies. 


Pee erererseseseseseseeesseseees 


JACK PAVELKO, LEAD TELECOMMU- 
NICATIONS ANALYST, BASF CORP. 





about $28 million annually 
with Sprint Corp. and AT&T 
for voice and data services. 
MCI made a short presenta- 
tion at BASF last month, but 
Pavelko said he wasn’t im- 
pressed by the sales pitch. 

Howard Anderson, senior 
managing director of Yan- 
keeTek Ventures in Cam- 
bridge, Mass., and founder of 
The Yankee Group market re- 
search firm, said that demand 
for long-distance voice ser- 
vices is diminishing and that 
some users can already get 
prices of 1 cent per minute. 

“You can’t get much cheap- 
er than that,” Anderson said. 
“There might not be an actual 
price war, but as MCI 
emerges, it will start more 
competition on pricing. MCI 
is still respected.” 

AT&T spokesman John 
Heath said that whatever MCI 
does on pricing for a wide 
range of voice and data ser- 
vices, AT&T will keep pace. 
“We've been able to compete 
with MCI very effectively 
when they were cheating in 
the past, and we'll continue to 
do so,” Heath said. @ 42657 
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PDU with 

System Bypass 
Rack-optimized 
design with 
configure-to-order 
multi-branch whips 
to speed installation. 


InfraStruXure™ 
Manager 
Remote manage- 
ment of system 
through a single 
IP address. 


N+1 UPS 
Scalable, modular 
and manageable 
with N+1 capability 
for unmatched 
levels of availability. 


Pay as you grow with new InfraStruXure” architecture. 


(floor plan) 
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Rack-mount 
PDU 

Up to 42 
receptacles, 
monitored to 
eliminate branch 
circuit overloads. 


InfraStruXure Architecture 





Traditional data centers are 

built out for future capacity and 
require a large amount of floor 
space that could be otherwise 
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create dangerous hot spots. 


InfraStruXure™ lets you build out 


capacity only as it’s required. Save up 


to 50% CapEx and 20% OpEx*, and 
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space. InfraStruXure AIR delivers 
cooling directly where it is needed. 
eliminating dangerous hot spots. 


Air Removal Unit 
Optimizes heat 
removal from 
densely configured 
racks 


Integrated Cable Routing 
Self-contained cable routing 
allows for installation anywhere - 
no raised floor needed 
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NetworkAIR™ FM 
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sensitive equipment areas 
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Air Distribution Unit 
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Sun Plans to Offer 
Third-Party Tools 


Sun Microsystems Inc. said it 
plans to include third-party prod- 
ucts in the two software bundles 
it sells under a per-employee li- 
censing scheme announced in 
September [QuickLink 41523]. 
Initial deals with software vendors | 
are due to be disclosed at the 
company’s SunNetwork confer- 
ence in Berlin next month. Sun 
also set a price of $50 per faculty 
member or administrator for aca- 
demic institutions that buy its 
Java Enterprise System tools. 


NEWS 


New Laws to Drive 
04 Security Agenda 


| Devising policies 
| trumps technology 


BY JAIKUMAR VIJAYAN 
WASHINGTON 
HE NEED to comply 
with an array of com- 
plex data laws will 
dominate the securi- 


| ty agenda in 2004, according 
| to attendees at the Computer 


| Security Institute conference 


Red Hat Launches 
Linux Testbed 


Red Hat Inc. released the first 
version of an unsupported Linux 
distribution designed to serve as a | 
testbed for the open-source soft- 
ware. The addition of the Fedora 
Core 1 release is part of a plan un- 
der which the Raleigh, N.C.-based 
company is dropping its basic Lin- 
ux product in order to focus on its 
Red Hat Enterprise Linux technol- 
ogy [QuickLink 40133]. 


PeopleSoft Gets OK 
To Go After Oracle 


A state court judge in California 
ruled that PeopleSoft Inc. can 
proceed with a libel and unfair 
competition lawsuit it filed 
against Oracle Corp. in June. 
Judge Ronald Sabraw said Peo- 
pleSoft hasn’t shown that Oracle 
knowingly interfered with specific 
customer relationships but could 
still add evidence of such interfer- 
ence to its complaint. PeopleSoft 
filed the suit after Oracle began 
its hostile bid to buy the company. 


Short Takes 


Sunnyvale, Calif.-based NET- 
WORK APPLIANCE INC. is buying 
Pittsburgh-based storage vendor 
SPINNAKER NETWORKS LLC in a 
stock-swap deal. . . . NETWORK 
ASSOCIATES INC. in Santa Clara, 
Calif., said it has lowered its rev- 
enue by a total of $112.6 million 
dating back to 1998. 





| here last week. 


| lenge will be dealing with laws 
| such as the Sarbanes-Oxley 


| enforcement, benchmarking 


As in previous years, IT secu- 
rity managers expect to spend 


° e | 
considerable time and re- 


| sources fending off destructive 
| intrusions and insider threats. 


But the most daunting chal- 
| 


Act, the Gramm-Leach-Bliley 
Act, California’s SB 1386 priva- 
cy law and international data 
integrity and privacy laws, 
they said. As a result, the em- 
phasis will be on issues such 
as policy management and 


against standards, incident 


| response, forensics and moni- 





toring for insider threats. 


“As far as my business and 
industry in general goes, the 


single biggest driver is compli- | 


ance with all the new data and 


| privacy laws,” said Michael 
| Kamens, global network secu- 
| rity manager at Thermo Elec- 


tron Corp., a $2 billion manu- 
facturer of scientific equip- 
ment in Waltham, Mass. 

As a publicly traded U.S. 
manufacturer with multina- 
tional operations, Thermo has 


| to deal with compliance issues 


ranging from Sarbanes-Oxley 


| to a Chinese encryption re- 
|} quirement that involves filling 


out forms in Mandarin. “It is 
requiring me to quadruple the 
effort that I have to put in ona 
daily basis to ensure that my 
company is in compliance and 
that I’m safeguarding its good 
name,” Kamens said. 

United Government Ser- 
vices LLC, a Milwaukee-based 
provider of administrative and 
consulting services for pub- 
licly funded health care sys- 


| tems, is governed by 400 secu- 


rity requirements issued by 
the Centerg for Medicare and 
Medicaid Sbrvices. Meeting all 


Top Priorities 
For CSOs 


aE Establishing a privacy office. 
® Setting up global security 


policies, baseline practices and lo- 
cal procedures for enforcement. 


® Assessing application security. 
= Monitoring for compliance. 


™ Benchmarking against 

standards. 

= Gathering incident response 

data and evidence. 

SAIC CENTER FOR 
of them will be a “very large 
driver” of security efforts next 
year, said systems security of- 
ficer Todd Fitzgerald. 

For the most part, the ef- 
forts will focus not on tech- 
nology improvements but on 
implementing security poli- 
cies and management process- 
es to ensure regulatory com- 
pliance. “It’s a process that 
will involve spending a lot 
| more time working with man- 





IT Obligations Unclear Under California Privacy Law 


Four months after new California 
privacy rules went into effect, 
more questions than answers have 
surfaced about what the law re- 
quires of IT organizations, accord- 
ing to legal and security experts. 
And answers are unlikely until at 
least a few cases are prosecuted 
and there’s legal precedent that 
can be followed, they added. 

Senate Bill 1386, which went into 
effect July 1, requires companies to 
inform California customers of secu- 
rity breaches involving the compro- 
mise of their names in combination 
with their Social Security, driver's 
license or credit card numbers. 

But the ambiguous wording of 
the law leaves it open to a wide 


range of interpretations, said Erik 
Laykin, president of Online Securi- 
ty Inc. in Los Angeles. 

The law is unclear on several 
points, agreed Charlene Brownlee, 
an attorney at Fulbright & Jawor- 
ski LLC in Austin. For instance, it's 
not specific about when disclosure 
is required from an IT perspective, 
Brownlee said. Under SB 1386, 
disclosure is mandated when “it is 
reasonably believed” that personal 
information has been acquired by 
an unauthorized person, she said. 

But “even if a network is 
hacked, it's not always apparent 
what data was compromised,” 
said Brownlee. The legislation also 
calls for “prompt” communication 


of such breaches without specify- 
ing how soon customers need to 
be contacted, she said. 

Similarly, while the law exempts 
companies that have encrypted 
their data, it doesn’t specify what 
level of encryption is good 
enough, or whether both stored 
data and data in transit have to be 
encrypted, users said. 

“There's a lot of concern all 
over the board, because there 
haven't been any cases that define 
the expectations for this law,” said 
Erin Kenneally, a forensic analyst 
at the University of California's 
San Diego Supercomputer Center. 
“Fear, uncertainty and doubt often 
tule the day in situations where 
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agement and end users, edu- 
cating them on what the secu- 
rity risks are,” Fitzgerald said. 

Third-party connectivity is- 
sues are a priority at St. Jude 
Medical Inc. in St. Paul, Minn. 

As a $1.6 billion manufactur- 
er of cardiovascular equip- 
ment, with 15 facilities world- 
wide and customers in 120 
countries, St. Jude has to make 
sure it avoids liability for se- 
curity breaches involving its 
supply chain or business part- 
ners, said David Stacey, global 
IT security director. 

“Regulation is a massive is- 
sue, and most organizations 
are clearly not ready to deal 
with the myriad issues and de- 
tails involved,” said Ben Roth- 
ke, a senior security consul- 
tant at Thrupoint Inc., a man- 
agement services company in 
New York. 

Complying with data regu- 
lations will mean turning tra- 
ditional notions of the IT se- 
curity function and its role 
within organizations upside 
down, said Terri Curran, di- 
rector of research at the Cen- 
ter for Digital Forensic Studies 
Ltd. in Auburn Hills, Mich. 

“CSOs in the near future are 
going to have to get more cre- 


| ative about things like privacy, 


risk acceptance, forensics, in- 
dustry-related regulations, 
and state and federal laws that 
are really going to affect 
them,” Curran said. @ 42673 


there's not a lot of guidance.” 

Both the university and the su- 
percomputer center have taken 
steps to minimize exposure under 
the law. In some cases, data is be- 
ing encrypted: in others, personal- 
ly identifiable data is being re- 
placed with unique identifiers. 

“What people have to do is to 
interpret the law to what seems 
reasonable for your environment,” 
said Todd Fitzgerald, a systems 
security officer at United Govern- 
ment Services. 

“You've got to see what the in- 
tent of the requirement is and try 
to satisfy that to the [extent possi- 
ble],” he said. “There has to be 
some judgment that you are 
putting into that.” 

~ Jaikumar Vijayan 
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orate Cybersecurity Bill 


‘Tabled After Vendor Pressure 


Sponsor challenges 
industry groups to 
find an alternative 


BY DAN VERTON 
WASHINGTON 


EP. ADAM PUTNAM 

last week shied away 

from introducing 

legislation that 
would have required compa- 
nies to conduct independent 
security audits and detail the 
results in their annual reports. 
The retreat was a result of 
pressure from industry groups 
representing large hardware 
and software vendors. 

Rather than introducing the 
Corporate Information Securi- 
ty Accountability Act of 2003, 
Putnam (R-Fla.) tabled the bill 
and challenged industry orga- 
nizations to come up with an 
alternative proposal within 90 
days. A working group of rep- 
resentatives from the Informa- 
tion Technology Association 
of America, the Business Soft- 
ware Alliance, the Business 
Roundtable (BRT), the SANS 
Institute and the U.S. Cham- 
ber of Commerce held its first 
meeting last week. 

The vendor community has 
come out against the Putnam 
bill for two reasons, said John 
Pescatore, an analyst at Gart- 
ner Inc. Security vendors are 
worried that corporate bud- 
gets will shift toward consult- 
ing and audits and not securi- 
ty products, he said. And the 
IT product vendors are wor- 
ried that companies will be 
less willing to upgrade once 
their current architecture has 
passed testing. 

Putnam’s office, the Cham- 
ber of Commerce and the BSA 
didn’t respond to Computer- 
world’s requests for comment. 

However, several working 
group members and security 
analysts said the roadblock 
stems from both political and 
practical issues. Aside from 
the perceived existence of an 
antilegislation “cabal” consist- 





A BILL 


amend the Securities Exchange Act of 1934 to require 


each publicly traded company to conduct an assessment 


of the company’s computer information security. 


Be it enacted by the Senate and House of Representa- 


tives of the United States of America in Congress assembled, 


SECTION 1. SHORT TITLE. 


4 This Act may be cited as the “Corporate Information 


ty Accountability Act of 2003”. 


5 Seeuri 
alia iil 


The opening passages of Putnam’s bill require companies to conduct 
independent security audits and publish the results in their annual reports. 


ing of large IT industry con- 
sortia, some security analysts 
questioned the wisdom of re- 
porting security information 
to the Securities and Exchange 


| Commission, because that has 


proven ineffective and at times 
costly [QuickLink 42387]. 
Alan Paller, director of re- 
search at the SANS Institute, a 
member of the industry work- 


ing group and a supporter of 
the Putnam measure, said the 
bill faces an uphill battle. The 
main adjustment being cham- 
pioned by Paller includes the 
mandated use of commercially 
available automated tools for 
testing security configurations 
and vulnerability mitigation. 
“By encouraging their use, 
you create a groundswell of 


Veritas Tools Target Storage 
Automation, Compliance 


BY LUCAS MEARIAN 
Veritas Software Corp. last 
week announced a series of 
new and upgraded storage 


| management tools with func- 


tionality that’s aimed at utility 
computing, automated data 
management and regulatory 
compliance needs. 

The rollout included an up- 
grade of the Mountain View, 
Calif.-based company’s flag- 
ship NetBackup software, a 
new Data Lifecycle Manager 
tool and a product for tracking 
service-level agreements and 
the use of storage resources. 

Glenn Groshans, director of 
product marketing at Veritas, 
said NetBackup 5.0 lets stor- 
age administrators restore 
data after system crashes by 
using incremental backups of 
business applications on top 
of previous full backups. Until 





now, users had to do complete 
backups that typically would 
take hours and offer less- 
current data for restoration. 
The backup software will 
also work with Data Lifecycle 
Manager, which can be used 
to create virtual storage 
archives that involve disk and 
tape devices and to index 
records for search and re- 
trieval procedures. “It lets you 
maintain an audit trail on all 
media types,” Groshans said. 
Norm Fjeldheim, CIO at 
Quaicomm Inc. in San Diego, 
oversees a 76TB storage-area 
network that’s primarily based 
on disk arrays from Hitachi 
Data Systems Corp. Qual- 
comm currently uses Net- 
Backup 4.5, but Fjeldheim said 
he hopes the new release will 
help the company make better 
use of its disk capacity by au- 





| demand for benchmarks,” 


Paller told members of Put- 
nam’s staff in a memo. “Com- 
mercial organizations will step 
into that benchmarking space, 
and as organizations find 
themselves in the lower per- 
centiles, they will improve 
their security, creating a pow- 
erful continuing force for 
overall improvement of secu- 
rity throughout the nation.” 
But not all members of the 
industry working group see 
the bill in the same light. Har- 
ris Miller, president of the Ar- 
lington, Va.-based ITAA, one 
of the main forces behind get- 
ting Putnam to delay the bill, 
said the “ITAA believes having 
the trial bar run the IT indus- 


| try is a bad idea... and having 


government bureaucrats ap- 
proving IT innovations before 
they are released to the mar- 
ketplace is a terrible idea.” 

A spokesman for the BRT, a 
Washington-based association 


tomating the migration of old 


| data to low-cost storage de- 


vices. “By doing that, we won’t 


| have to spend more money on 


additional disk space,” he said. 
Matthew Clark, a senior 
staff engineer at Qualcomm, 
said the wireless technology 
vendor retains data far longer 
than regulatory agencies re- 


| quire. The combination of 


NetBackup and Data Lifecycle 
Manager “is going to be a way 
for us to meet those storage 
requirements without having 
to use a one-size-fits-all poli- 
cy,” he said. Clark added that 


NEW STORAGE TOOLS 


TA LIFECYCLE MANAGER 
Automates the placement of 
data on different storage devices 

and provides indexing and 


search capabilities. 


COMMANDCENTH 
SERVICE 
Lets IT managers set storage 
service levels and reports 
on resource usage for 
chargeback purposes. 
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of CEOs of large companies, 
including some of the soft- 
ware vendors that belong to 
the ITAA and BSA, said the 
BRT doesn’t comment specifi- 
cally on legislation that has 
not been introduced. 
However, Klaus Kleinfeld, 
chairman and CEO of Siemens 
and chairman of the BRT’s Se- 
curity Task Force’s Informa- 
tion Security Committee, told 
Computerworld in a written 
statement that while the BRT 
supports Putnam’s effort to 
raise cybersecurity to the level 
of a national policy debate, 
BRT members aren’t waiting 
for legislation to take action. 
The BRT is currently holding 
discussions with “manufactur- 
ers, purchasers and users of 
information security technol- 
ogy to shape the marketplace 
for IT security goods and ser- 
vices,” said Kleinfeld, adding 
that proactive industry mea- 
sures will be announced in the 


coming months. @ 42668 


MOREONINE = 


For additional resources, visit our 
Storage Knowledge Center online: 


QuickLink k1700 
www.computerworld.com 


he will also be able to use the 
incremental backup feature to 
safeguard Qualcomm’s data 
more often. 

NetBackup 5.0 is due next 
month and starts at $5,000, 
and Data Lifecycle Manager 
5.0 is scheduled to be released 
next quarter for an undis- 
closed price. The service-level 
tool, called CommandCentral 
Service 3.5, is available now 
and starts at $22,000. 

Data Lifecycle Manager falls 
short of a true information 
life-cycle management prod- 
uct that automatically controls 
data from creation to deletion, 
said Steve Kenniston, an ana- 
lyst at The Enterprise Storage 
Group Inc. in Milford, Mass. 

But Kenniston added that 
Veritas is addressing some key 
issues facing storage man- 
agers, including service-level 
agreements and user charge- 
backs. “With this integrated 
[suite], you can do true ser- 
vice-level agreements for 
backups,” he said. @ 42654 
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Continued from page 1 


Novell 


Technology Inc. in Hender- 
son, Nev., said he too has long 
been unhappy about Novell’s 


dwindling market share, out of | 


fear that the company could 
someday no longer be viable. 
The SUSE deal has lessened 
those concerns, he said. 

“T see the acquisition of 


SUSE and the Linux growth as | 


a great potential for us be- 
cause it gives us somewhere to 
move to maintain our current 
network environment and to 
go with the open-source ex- 
plosion that’s happening,” 
Jakus said. 


Linux Push 





Novell began its push to Linux | 


last April when it announced 
plans to adopt Linux as a mi- 
gration path for its NetWare 
network operating system 


| said the SUSE deal will likely 


[QuickLink 37771]. “Definitely, | 


when the next version of Net- 
Ware comes out, we'll be us- 
ing it,” Jakus said. “This to me 
brings it all together.” 


| line’s IT relationship with 


| air carrier is a heavy user of 
| Novell products and of Linux 


Gavin McGnauth, head of IT | 


at Manchester, England-based 
British Airways CitiExpress, 


Red Hat: Competition Unchanged 


Fer Red Hat, the dominant en- 
terprise Linux vendor in the U.S., 
last week's buyout of rival SUSE 
Linux by Novell was no surprise, 
said John Young, vice president 
of marketing at the Raleigh, 
N.C.-based company. 

Young said he’s “not uncom- 
fortable” with the development, 
and claimed that it doesn't sig- 
nificantly alter the competitive 
landscape. “We are the leaders 
in the market. The assets that 
Novell is poised to acquire are 
old stuff for us. We're [already] 
building on top of where they 
[are now going],” he said. “I 
don’t doubt that that was a 
good move for SUSE. | don’t 
think that takes us off our mis- 
sion. . . and the success we're 
having in the market.” 

Young also claimed that it will 
be no easy task for Novell to 
overcome the cultural obstacle 
inherent in adopting an open- 


Continued from page 1 


Stone 

When you say Red Hat was a 
bit pricey, does that mean 
there were negotiations with 
Red Hat that got to the point 
of naming a price? No. We de- 
cided that SUSE was who we 
wanted to acquire. We made a 
decision early on that SUSE was 
where we wanted to go. There 
was always an effort on the part 
of Novell to have a relationship 
in some form with Red Hat. We 
tried to form a support agreement 
with Red Hat, and that didn’t 
work. It worked beautifully with 
SUSE. 


Id really like to clarify to what 
extent you had acquisition dis- 


mean a tightening of the air- 


Novell. Currently, the regional 


from Red Hat Inc. But that will 
likely change once Novell ac- 
quires SUSE, he said, because 


source mind-set. “Novell is tra- 
ditionally a proprietary technol- 
ogy company,” he said, “so 
they're kind of putting their foot 
into the water on both sides 
here.” He noted that whether 
Novell can make that work is 
still to be proved. 

“Tm not sure how they'll man- 
age that hybrid company,” Young 
said. “I can’t see any examples 
out there of how hybrid compa- 
nies have achieved success. 
That's part of their challenges, in 
addition to the normal integra- 
tion challenges” of bringing to- 
gether Novell, SUSE and Ximian, 
he added 

For Red Hat, the future is 
more clear, according to Young. 
“We're absolutely committed to 
be 100% open-source, pure 
open-source,” he said. “And that 
unwavering commitment will be 
a source of value to customers.” 

~- Todd R. Weiss 
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: cussions with Red Hat as well. 
f I'm not going to go there. 


i What does this mean for run- 

* ning NetWare on Red Hat En- 

, terprise Linux? We still do that. 

: We still certify the NetWare ser- 

: vices on Red Hat 3.0 as well as 

» on SUSE. Obviously, now that we 
own the [SUSE Linux] distribu- 

. tion, we have to potentially re- 
think that, but as of right now, our 
customers have been asking for 

. both. There's no technical reason 

: that we shouldn't provide at least 
an option if you want to run it on 
Red Hat. But we're obviously go- 
ing to lead with SUSE. 


. So your advice to users run- 

' ning NetWare on Red Hat is to 

- move to SUSE? Sure. You can 
have one-stop shopping from 


of the expected synergy and 
because of recent higher 
prices and per-server licensing 
requirements from Raleigh, 


| N.C.-based Red Hat. “We have 


no physical attachment to Red 
Hat,” McGnauth said. “The 
barriers to entry for SUSE are 
very low. We'd probably push 


| in that direction now.” 


Seeking Support 


Rod Carney, manager of enter- | 
{ong : 
prise server services at 


Columbus, Ohio-based Hunt- 
ington National Bank, said the 
inclusion of SUSE under the 


| ° 
| Novell banner brings a key 
| benefit to its existing relation- 


ship with Novell: after-sales 
support. 

“We now really have a solu- 
tion for a Linux implementa- 
tion that will provide us with a 
support network,” Carney 
said. 

The bank is a big Novell 
user and has several Red Hat 
systems that are being used 
for a message-queuing gate- 
way and other edge-of-net- 


work tasks. But now other Lin- | 


ux applications can be consid- 
ered more seriously, he said. 
“With Novell being such an 


| incumbent here, now that 


they’ve acquired SUSE, that 
helps our decision if some- 
body says, ‘What do you pre- 
fer, Red Hat or SUSE? Two 


! Novell. You can buy the entire 
; Stack, support - you name it, you 
» got it. 


~ Don't you see this as a risky 

+ move, in light of the legal ac- 

' tions SCO has taken with re- 

. spect to Linux? No, not at all. We 
think the SCO move is pretty much 
an unsubstantiated claim. They've 

_ never been able to prove anything 
they've been talking about. Our 
customers haven't balked at this 
issue. | don’t believe SUSE has 
any particular issues with SCO. As 

- far as we're concerned, it hasn't 
been an issue. 


- STONE ON A ROLL 


_ To read the full interview with Novell's 
» Chris Stone, head to our Web site: 


QuickLink 42593 
www.computerworld.com 


& We have 

no physical 
attachment to Red 
| Hat. The barriers 
_ to entry for SUSE 
| are very low. We'd 


| 
| 
| 
| 


probably push in 
that direction now. 


| GAVIN McGNAUTH, HEAD OF IT, 
BRITISH AIRWAYS CITIEXPRESS 


| days ago, I would have said ‘I 
don’t know.” 

A SUSE Linux user and for- 
mer Novell user, Joe Poole, 
manager of technical support 
| at Reading, Pa.-based Boscov’s 
Department Stores LLC, said 
Novell will have to do more 
| than just bring in SUSE and 
| Ximian to make its products 
| compelling to corporate users, 
especially as a “killer desktop” 
operating system. 

“Novell has to add value to 
the whole proposition,” he 
said, including making it as 
simple for IT workers to in- 
stall SUSE Linux as it is to in- 
stall Windows. “Novell has to 
step up with all of its exper- 
tise, not just marketing,” he 
said. “That’s the problem we 
see now.” 942677 








www.computerworld.com 


Microsoft to 


Stay Course On 
Linux Strategy 


Microsoft Corp.'s chief Linux 
strategist said last week that 
the company won't change its 
strategy “one ounce” in the 
wake of Novell’s acquisition 
of SUSE Linux. 

Martin Taylor, general man- 
ager of platform strategy at 
Microsoft, said Novell's acqui- 
sition simply provides “further 
evidence that Linux is going 
to continue to consolidate 
and become more and more 
commercial.” 

“From our perspective, it 
means that Linux will move 
toward being held up to the 
commercial standards,” Tay- 
lor said. “And that gives us an 
opportunity to look at things 
like cost, reliability, interoper- 
ability and even security for 
that matter on a more bal- 
anced playing field.” 

John Enck, an analyst at 
Gartner Inc., said Novell's ac- 
quisition of SUSE elevates the 
Linux threat on the server op- 
erating system for Microsoft, 
although not by “orders of 
magnitude.” 

Enck said Microsoft will 
have to decide how much 
more emphasis it wants to put 
on the low-level infrastructure 
end of the market where Lin- 
ux plays, such as Web serv- 
ing, file and print services, 
and management services, 
now that it has been making a 
push up the stack to focus on 
enterprise features. 

But one area Microsoft will 
have to concern itself with is 
the 1,600 worldwide partners 
Novell has as Linux advo- 
cates, according to Enck. He 
said Microsoft will have to 
step up the training for sales 
consultants in the field to 
thwart the threat. 

“The big thing is Novell is 
credible,” Enck said. “It’s 
someone with proven enter- 
prise and field services [expe- 
rience] that you can’t wave 
your hands and dismiss.” 

- Carol Sliwa 
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Cohen Sees Rebound for Analysis Tools 


Is business intelligence a healthy 


BY MARC L. SONGINI pute 


Gerry Cohen, CEO of Information | business intelligence software, 
offshore outsourcing and what’s 
past 27 years, spoke with Com- | happening at his company. 


Builders Inc. in New York for the | 
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rworld last week about 
market? I think it will be a 
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healthy segment for 2004. The 


big companies are picking an 


| enterprise solution, and mid- 
size and smaller ones are get- 
| ting into it. The last couple of 
| months, there’s been a little 

| relaxation in budgets. 
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Builders? In a few weeks, visu- 
al online analytical processing 
[OLAP]. This will let you look 
at multiple dimensions at one 
time vs. what we have today, 

where you see one dimension 


| and drill down and go across 


to another dimension. We'll 
have it all on one 
panel in one shot. 

For instance, 
when you look at 
quality [control], 
you can see that 
quality in a Cali- 
fornia plant is 
down. That’s an 
effect. When you 
have an effect, you 
have to see what’s the cause. 
That’s where OLAP comes in 
— it lets you look at raw mate- 
rial supply. That’s OK. So you 
look at attendance and look at 
people as you’re looking for 
the solution. The entire dis- 
play changes. You don’t have 
to drill down to the plant, to 
people, to raw materials. 


How is outsourcing affecting the 
industry? I’m chairman of the 
New York Software Industry 
Association. We’ve taken a 
look at what outsourcing has 
done to jobs in New York City. 
In some sectors, it’s devastat- 
ing. On the other hand, you 
have companies saying, “My 
costs are lower, [and] because 
of this, I’m more competitive.” 
If you think [IT] is a strate- 
gic function that companies 
use to compete against one an- 
other, then you can’t move it 
out of the U.S. You can’t move 
it too far away. If you believe 
that it doesn’t matter, then 
move it where you want. My 
position is that it does matter. 


Will business intelligence go off- 
shore? You can’t do that. BI 

is what we call “information 
now.” I want to know some- 
thing right away. What runs 
companies are people, process 
and technology. The technol- 
ogy probably stays here. The 
people may or may not go off- 


shore. @ 42621 


COHEN CONTINUED 
To read the full interview with Information 
Builders’ CEO, go to our Web site: 


QuickLink 42582 
www.computerworld.com 
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Autonomic Technology Faces Big Challenges, Panel Says 


Users are enticed by self-management | 
tools but cite cost and scalability issues | 





BY PATRICK THIBODEAU 
WASHINGTON 

Autonomic computing — the 
development of systems that 
can manage and repair them- 
selves — holds great appeal to 
NASA for its deep space mis- 
sions. But the technology 
faces substantial hurdles, a top 
IT official at the space agency 
said during a panel discussion 
here recently. 

“We've encountered huge 
challenges in validating and 
testing some of these tech- 
nologies, and it ended up tak- 
ing a lot more time and being 
a lot more costly than we ever 
imagined,” said Peter Hughes, 





assistant chief for technology 
at the IT division of NASA's 
Goddard Space Flight Center 
in Greenbelt, Md. 

Although he labeled auto- 
nomic computing a “break- 
through technology,” Hughes 
said the challenges include 
achieving the scalability need- 
ed to handle cascading prob- 
lems that affect multiple sys- 
tems. It will also be difficult to 
develop tools that can sift 
through and make sense of di- 
agnostics data gathered from 
various systems, he added. 

IBM and other systems 
management vendors are de- 
livering pieces of autonomic 


technology in the form of 
server self-management and 
self-optimization tools. 

Alan Ganek, a vice presi- 
dent at IBM who is leading its 
autonomic efforts, said the in- 
creasing complexity of IT in- 
frastructures is making the job 
of running corporate data cen- 
ters more and more difficult. 

“Nobody can understand all 
the pieces and parts as they 
come together,” Ganek said. 
He and Hughes were panelists 
at a forum on autonomic com- 
puting sponsored by the Wood- 
row Wilson International Cen- 
ter for Scholars. 


Much to Be Learned 
Despite the potential of self- 
management to free IT man- 
agers from having to focus on 


| 





oe 
Autonomic 
Computing 


& Promises to reduce the 


complexity and cost of 
running data centers. 


Sere mere eeeeeeeseeseseeeee 


= Needs years of development 
before it can support enter- 
prisewide systems. 
mundane systems issues, the 
panelists said much still needs 
to be learned, such as the real 
cost of autonomic approaches. 
For instance, many govern- 
ment agencies are moving 
from homegrown systems to 
off-the-shelf applications in an 
effort to standardize opera- 
tions and reduce their IT 


costs. But Hughes noted that 
NASA has had difficulty syn- 
chronizing an upgrade of its 
commercial systems. 

“Often, we displace some 
simple solution with more 
complex ones and are not 
looking at how much it will 
cost to maintain that system 
and keep it operating,” he said. 

Software bugs are another 
issue. Gail Kaiser, director of 
the programming systems lab- 
oratory at Columbia Universi- 
ty in New York, said the idea 
of perpetually testing systems 
even after deployment is relat- 
ed to autonomic computing. 

“Software engineers have 
long recognized that you're 
never going to get out that last 
bug in the lab,” she said. “But 
you shouldn’t stop testing it 
then, and you should figure on 
continuing to patch, repair it 


and reconfigure it.” @ 42503 
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OPINION 


MARYFRAN JOHNSON 


endor Vision Quests 


HERE’S SOMETHING ironic about the 

way so many vendors are talking about 

simplifying computing environments 

yet struggling to explain their visions in 

terms that make sense to anybody. Carly 
Fiorina was Exhibit A of this conundrum recently, as 
the Hewlett-Packard CEO tried in vain to explain her 
“adaptive enterprise” strategy by saying it was built 
on “Darwinian reference architectures.” 


Say what? Is that just a 
complicated way of say- 
ing “evolutionary”? 

Listening to IBM big- 
wigs explain on-demand 
computing, or Sun Mi- 
crosystems honchos talk 
about NI] automation 
technologies, or Oracle’s 
Larry Ellison discuss grid 
computing could induce 
a similar brain cramp. 
When you strip away the 
carefully branded mar- 
keting buzzwords, what the IT mar- 
ket leaders are talking about (and 
hoping to sell) are increasingly so- 
phisticated software, hardware and 
services to accomplish one or more 
of these tasks: 

®@ Automating and integrating 


® “Virtualizing” or provisioning 
computing resources on increasingly 
self-managing networks. 

® Redeploying underused re- 
sources to match user demands or 
business needs. 

® Consolidating platforms into 
simpler, and cheaper, architectures 


(often Linux running on Intel boxes). 


® Putting “pay-by-the-drink” con- 
sumption into play for software, 
hardware and even services. 

I’ve become a little obsessed lately 
with finding what one of my editors 
sardonically calls a Grand Unified 
Buzzword (GUB) for all of the 
above. Being a big believer in lan- 
guage that makes sense of things, 
I’ve been searching for a vendor- 
jargon-free, catch-all phrase that 





would make sense of all 
the pitches, from auto- 
nomic and on-demand 

to adaptive and utility 
computing. I thought a 
revival of that old standby 
next-generation computing 
could tie a neat, concep- 
tual ribbon around every- 
thing. 

So last week I tried my 
new GUB on a roomful of 
veterans of vendor strate- 
gies: the San Diego chap- 

ter of the Association of IT Profes- 
sionals. These IT experts listened 
politely but gave my unified buzz- 
word a definitive thumbs down. To 


| experienced IT managers, next gen- 


eration has come to mean generic 
hype about cool technology nobody 
can make practical use of yet. 





Well then, I challenged, what 
would they call it? That launched an 
entertaining contest to pick the best 


| word to describe where computing 


is headed. The favorites were trans- 
parent, pervasive, accessible, intuitive 
and effortless. All of them, you'll no- 
tice, speak to a simpler user experi- 
ence. There wasn’t a “Darwinian ref- 
erence architecture” in sight. 

AITP member Ray Causey, a part- 
ner at Tatum CIO Partners and for- 
mer CIO at Mailboxes Etc., said he 
believes the business value of more 
simplified applications — the fewer 
features, the better — would actually 
allow vendors to charge more than 
they do now for the complex, user- 
unfriendly stuff. “You’d end up with 
users who are more productive and 
getting the job done, leaving CIOs to 
concentrate on adding business val- 
ue in other areas,” Causey said. 


“Easy-to-use software would actually 


enhance the CIO’s image as a busi- 
ness-focused executive.” 

Summing up the situation nicely 
was AITP member Reid Warrick, 
president of TeraCenter Inc. “All of 
the cool stuff we need today already 
exists. What we need to do is to put 
it together and make use of it. Now 
the question is, Can the major play- 
ers come together to take computing 
to the next level?” © 42627 
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PIMM FOX 


Straight Talk 
- With Vendor 
Hits Pay Dirt 


HE OIL INDUSTRY’S 
blunt language seems 
out of place when ap- 


plied to IT, where sales and 
marketing lingo are often mixed with 
analyst prognostications in order to 
obscure reality. Perhaps it’s the straight- 
forward nature of oil and gas explo- 
ration that invites direct talk: You ei- 
ther hit pay dirt or you don’t. 

So talking to Reid Nuttall, vice presi- 
dent of IT at Houston-based Varco In- 
ternational Inc., about supply chain 
management takes some adjustment. 
For example, his primary concern isn’t 
cutting costs. It’s customer lock-in. 

“The first issue was to have some- 
thing facing the customer that lets 
them do business quickly and easily,” 
Nuttall says. “We’re connecting system 
to system and want to 
lock in the customer, 
lock them into our 
spare parts.” 

Varco, which makes 
and sells $1.3 billion 
worth of drilling rig 
equipment annually, 
believes that if it of- 
fers good prices and 
an easy way to do 
business, the cus- 
tomer will, as Nuttall 
says, stick around. 

That same attitude describes the 

| bake-off Varco held with three IT ven- 
dors to build a supply chain system that 
could flexibly connect with EDI-, XML- 
and even e-mail-based customer sys- 
tems and then link to Varco’s own back- 
end systems. Flexibility was crucial, 
since Nuttall hadn’t seen two cus- 
tomers with the same ERP system. 

Varco evaluated a commercial hub 
consisting of a hosted middleware 
product. It also considered using stan- 
dard Microsoft tools and paying a con- 
sultant to set up the system. But in the 
end, the company settled on a system 
to be set up by its ERP vendor, Glovia 
International Inc., because integration 
with the existing architecture seemed 
easier. Varco also had more clout with 
Glovia, and it was able to persuade the 
El Segundo, Calif.-based ERP division 
of Fujitsu Ltd., to really dig into each 
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type of customer connection. Glovia 
managed to put together a system that 
combines e-commerce middleware for | 
all the transport, error-checking and | 
handshaking between the customers _| 
and Varco. 

Varco’s system, used in operations in | 
the U.S., Britain, Canada and Singa- 
pore, can automatically send requests 
for quotes, shipment dates, purchase 
orders, invoices and any order changes 
that might occur. 

For Nuttall and his IT staff of 80, the 
most difficult challenges involved 
knowing where the messages moved in 
the supply chain system and how to 
make the system automatically check 
the health of operations. “For folks on 
the front end, you’re the one control- 
ling the information, so you’ve got to 
be ready to fix any bad information at 
the source,” says Nuttall. 

In addition, Varco had to draw all 
the relevant connections to the differ- 
ent XML versions used by customers. 

Now, with just one IT specialist and 
a business analyst, Varco’s package is 
up and running — and, coincidentally, 
saving the company money. @ 42546 


DAVID MOSCHELLA 


‘Tiger May 
Be Right for 
Accenture 


S A GENERAL RULE, 
world-class companies 
shouldn’t tie their im- 


ages too closely to the appeal 
of any one celebrity. This year has al- 
ready shown why deals with sports 
stars are especially risky. Baseball’s 
Sammy Sosa and basketball’s Kobe 
Bryant were among the most admired 
athletes in American sports. Then Sosa 
was caught using an illegal corked bat, 
and, far more seriously, Bryant was ac- 
cused of sexual assault. IBM probably 
had it right when it chose the timeless 
image of Charlie Chaplin’s tramp to in- 
troduce its first PCs. 

Nevertheless, the recent multiyear 
contract enabling Accenture to use 
Tiger Woods as the global symbol of 
its new High Performance Business 
initiative is intriguing, and perhaps 
even important. To me, the signifi- 
cance of this deal isn’t what it says 
about the impressive rise of golf within 
the global business community, but 
rather how it accurately reflects the 


| 





OPINION 


needs of today’s IT industry. 
Here’s why: 

For more than 40 years, 
the IT business has been 
dominated by its largest 
hardware, software and net- 
working suppliers. Through- 
out the 1990s, the CEOs of 
product companies such as 
Intel, Microsoft, Oracle, Cis- 
co, Sun Microsystems and 
Dell were by far the most 
visible industry leaders. The 
voices of IT customers and 
IT services companies — 
IBM, EDS, Accenture and 
others — were much more muted. 

But have you noticed that ever since | 
the bursting of the dot-com bubble, the | 
words of Bill Gates, Larry Ellison, John 
Chambers and company don’t have 
nearly the impact they once did? Part 
of this is simply a matter of these IT 
boosters having to spend a decent in- 
terval licking their wounds and eating 
humble pie. But there’s a more funda- 
mental reason: Increasingly, IT prod- 
uct companies are finding themselves 
unable to speak to the technology in- 


DAVID MOSCHELLA’s latest 
book is Customer- 
Driven IT: How Users 
Are Shaping Tech- 
nology Industry Growth. 
Contact him at 
dmoschella@earthlink.net. 


dustry issues that really 
matter. 

By now, it should be 
clear that the health of the 
IT industry can’t be re- 
stored simply by develop- 
ing more powerful servers, 
operating systems, data- 
bases or even gridlike net- 
works. Renewed growth 
will require that customers 
move forward with major 
new classes of IT usage. 
Many of these new appli- 
cations will be industry- 
specific in nature and 
won't be dependent upon new genera- 
tions of general-purpose products. In- 
stead, they’ll require the strong com- 
mitment of customers and the IT ser- 
vices companies that support them. 

This is why I have long argued that 
IT industry leadership needs to shift 
away from product companies and to- 
ward IT services firms. But thus far, 
the major services companies have 
been slow to assume the role of IT in- 
dustry advocates, resulting in today’s 
noticeable leadership void. 
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The Accenture/Tiger Woods ar- 
rangement suggests that this might be 
changing. Let’s hope that the company 
isn’t just basking in Woods’ limelight 
and that it’s committed to becoming a 
much more visible and positive indus- 
try force. 

Few people embody the combina- 
tion of ability, focus and pursuit of ex- 
cellence more completely than Tiger 
Woods. But beyond his many great in- 
dividual achievements, Tiger’s most 
important accomplishment has been to 
raise the global image of and enthusi- 
asm for his sport. If Accenture can ac- 
tually start doing this for IT, its huge 
multimedia campaign will be well 
worth the cost and risk, and could be- 
come a real marketing coup. 

For nearly three years, the IT busi- 
ness has been understandably timid 
and defensive. Perhaps the time for 
more aggressive tigers has finally re- 
turned. @ 42544 
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Farewell to H-1Bs, 
But Also to Jobs 


HE ARTICLE “High-Tech’s Use 

of H-1Bs Drops” [QuickLink 
41323] includes this statement: 
“This kind of puts to rest the idea 


that we are throwing Americans out | 


in the street and hiring H-1Bs to re- 
place them,’ said Thom Stohler, a 
vice president of the American 
Electronics Association, a trade 
group representing the high-tech 


industry that has advocated a high- | 
er H-1B cap.” Stohler’s comment is _ | 
disingenuous, because the industry | 


will continue to outsource comput- 
er work overseas. 

Robert Boos 

Plainview, N.Y. 


A Friend in D.C. 


T WOULD BEHOOVE members of 

the programming community to 
learn the name Tom Tancredo 
[“Q&A: Congressman Explains His 
Opposition to H-1B Visas,” Quick- 
Link 41779]. He’s our best friend in 


Washington. Where most members | 


of Congress express canned sym- 
pathy when told of the probiems 
programmers face, Tancredo has 
taken action. He has introduced 





as 


real legislation intended to help 
America’s programmers. In stand- 
ing up to the money interests, he 
has taken a lot of heat from politi- 
cians. Programmers ought to take 
note of what Tancredo has done for 
them and give him their support. 
John Miano 

Founder, Programmers Guild, 
Newark N_J. 


Laughing With Nick 
ICHOLAS PETRELEY has al- 
ways written insightful col 

umns, but “Sun Microsystems on 

the Couch” [QuickLink 41853] was 
great. Lately, his Microsoft-bashing 
and Linux-only articles have gotten 


boring; this article portrayed history | 
| dustrial and military self-sufficien- 


very humorously. | was laughing 
and learning at the same time. 
Prakash Tambe 

Empact Corp., 

Rolling Meadows, Iil. 


Extra Extranets 


EAN CONSILVIO raises the is- 

sue in her Oct. 6 article, “Law 
Firms Open Up” [QuickLink 41214], 
of the need to have a “standard 
way {o view numerous extranets at 
once.” It might be mentioned that 








there are firms that are currently ac- 
complishing this task quite adroitly, 
allowing clients to toggle among 
multiple matters after only one ex- 
tranet log-in 

Margaret Morton 

Atlanta 


Outsourcing and the 
Founding Fathers 


HE TREND toward the outsourc- 

ing of jobs and manufacturing 
overseas is in basic conflict with 
concepts of national sovereignty. !n 
a white paper commissioned by 
President George Washington and 
the U.S. Congress, the first secre- 
tary of the treasury, Alexander 
Hamilton, articulated a policy of in- 


cy. Hamilton's “Report on Manufac- 
tures” says 

“Not only the wealth, but the in- 
dependence and security of a 
country, appear to be materially 
connected with the prosperity of 
manufactures. Every nation, with a 
view to those great objects, ought 
to endeavour to possess within it- 
self all the essentials of national 
supply. These comprise the means 


of subsistence, habitation, clothing, | 


and defence. 


“The possession of these is nec- 
essary to the perfection of the body 
politic; to the safety as well as to 
the welfare of the society; the want 
of either is the want of an important 
organ of political life and motion 
and in the various crises which 
await a state, it must severely feel 
the effects of any such deficiency.” 

Our present trade agreements 
contradict the designs and intent of 
our founding fathers. Not every na- 
tion is so willing as we to relinquish 
its vitality for quick, dirty profits. Our 
hubris and naiveté will eventually 
exact a substantial cost 
Byron G. Cosby 
Five Seven Enterprises, 
Fitzwilliam, N.H., 
bushwah4u@webryders.net 
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THE FASTEST WAY TO MAKE YOUR 
APPLICATIONS 


Imagine your applications — both legacy and 
new — performing together as an ensemble. 
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With its unique fusion of powerful technologies 
for application integration, development, deploy- 
ment, and management, Ensemble enables 
extremely fast integration and rapid development 
of “composite applications” — new business 


solutions that integrate data, orchestrate business 


InterSystems 


processes, and enhance the value of legacy applica- 
tions. You’ll see real-world evidence of this in the 
customer testimonial section of our web site.* 

Ensemble is exciting new software from 
InterSystems. Over the past twenty-five years our 
high performance products have been deployed 
in more than 100,000 mission-critical systems 
around the world. 

We’re so confident that Ensemble is drama- 
tically faster than any other integration technology, 
we'll be happy to begin our partnership with you 
by conducting a pilot project. To pursue this, 
contact us at: 
www.InterSystems.com/Ensemble/ Pilot 
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Integrate Applications Faster 


*Read how companies like yours have integrated applications faster with Ensemble: www.InterSystems.com/Ensemble/Customers 
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EMERGING TECHNOLOGIES 


Making Access a Figure of Speech 
Voice authentication technology eases 

t standards are 
evolving slowly and user doubts about 


access for users, bu 


accuracy are hindering deployment. 
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Va nem Lae 
needs to know 
something now has 
no excuse not to 
im Url@ uli p 


NEIL MONTGOMERY, CEO, 
DAVIS CONTROLS LTD. 


ANORE SOUROUJON 


SECURITY MANAGER'S JOURNAL 
SSL Broadens VPN Access 
\ Secure Sockets Layer virtual private 
ork broadens access at less cost 
in a hardware VPN, but it also 
poses new security challenges to 
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VERY AFTERNOON at 4:30, a 
screen pops up on the PC of 
Neil Montgomery, CEO of 
Davis Controls Ltd. in Oakville, 
Ontario. It tells him of the im- 
portant events of the day, such 
as how many orders the compa- 
ny booked, how much was billed, the names of 
customers who have gone past 90 days without 
paying and the orders that have missed deliv- 
ery promises. 

His business activity monitoring (BAM) 
system also tells him about things that didn’t 
happen. For example, Montgomery’s BAM 
system sends him 15 daily e-mail alerts, one of 
which identifies any remote salespeople who 
haven't logged in that day to download the 
latest information from a corporate database 
about the customers in their territories. 

“Sometimes those remote sales guys will 


OPINION 
Don’ t Buy mete Snake Oil 


rt L. Mit 


just sit out there in never-never land, and as 
long as they think no one is watching, they’ll 
march to their own drummer,” he says. 

But Montgomery watches through the eyes 
of Macola Enterprise Suite, an ERP package 
from Exact Software, a subsidiary of Exact 
Holding NV in Delft, Netherlands. Macola ES 
includes the Exact Event Manager, a BAM 
product that triggers alerts and reports on ac- 
tivity and nonactivity both inside and outside 
of the ERP system. 

BAM, a term coined by Gartner Inc., refers 
to the automated monitoring of business-relat- 
ed activity affecting an enterprise. Although 
BAM applications are seldom truly real-time, 
they generally look at and report on activity in 
the current operational cycle — the current 
hour, day or week, for example — and are de- 
signed to spot problems early enough to head 
them off. 

Continued on page 30 
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Continued from page 27 

There is no precise definition of BAM products. 
They incorporate concepts from — and sometimes 
are built on — ERP, business intelligence (BI), busi- 
ness process management and enterprise application 
integration (EAI) software. Most vendors of those 
types of products claim to have BAM offerings. 

And BAM isn’t a new concept; credit card compa- 
nies have had real-time fraud monitors for years, and 
manufacturing facilities have real-time error-detec- | 
tion software built into their assembly lines. 

Most companies monitor their business activity, 
but it’s often after the fact — too late to head off a 
problem such as a missed bid deadline or the loss of 
a major customer. “The conventional wisdom has 
been to just take transactional data and move it to 
the data warehouse and then to the BI system,” says 
Mike Smith, a senior vice president at Ventana Re- 
search in Belmont, Calif. “But those systems aren’t 
responsive.” 

Indeed, BAM applications generally don’t take 
data from a data warehouse; they pluck it in real time 
from the applications where it originates — order 
entry, accounts receivable, customer relationship 
management and so on. Output takes a variety of 
forms, including dashboards, e-mails, pager alerts 
and conventional reports. 

“What’s new with BAM,” Smith says, “is we’ve tak- 
en the subcomponents of technologies that have ma- 
tured in the last three to four years and put them to- 
gether to provide more relevant information in a 
much more responsive fashion.” These components 
include EAI, event management, rules, workflow 
monitoring and alerting technology, he says. 

“BAM tools seem to work,” says Gartner analyst 
Bill Gassman. On the other hand, he says, most BAM 
applications today aren’t very sophisticated. They 
tend to be narrowly focused — one could be de- 
signed to watch for a malfunction on an assembly 
line, for example. “But what if there are external 
factors, like a FedEx shipment of parts is late? How 
do you integrate that?” Gassman asks. Recognizing 
such concerns, vendors are starting to build BAM 
into their supply chain products, he says. 

Montgomery says BAM enables him to manage his 


Top Goals for 
Measuring and Monitoring 


Respondents to a Ventana Research survey were 
asked to name their top three goals for monitoring 
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| vendors. NoticeCast sits outside the city’s 





BUSINESS ACTIVITY MONITORING today is based on 
first-generation tools, but in a few years, BAM systems will 
become tightly coupled to business process management 
systems, says Gartner analyst Bill Gassman. “BAM appli- 
cations may send alerts in a publish/subscribe model to lots 
of BPM systems throughout the enterprise. Events go in 
and alerts come out, but those alerts just become events in 
other applications.” 

For example, Gassman says, a BAM system could gen- 
erate an alert that the estimated date of a package deliv- 
ery had slipped. A CRM system and a BPM system might 
each subscribe to such “package due-date change” 
alerts, extending the usefulness of the alerts. 

Over time, BAM systems will include ever more sophis- 
ticated rules of logic. They eventually will be capable of 
finding hidden patterns in current business activity by do- 


company more proactively. “Before, I’d have to wait 
until a customer called with a complaint or I'd have 
to wait until the month-end financial statements to 
really get a feel for how the business was doing.” 
Montgomery generally gives his employees free 
rein to use Exact Event Manager and to define alerts, 
which can be triggered by events in the company’s 
front-end systems, such as CRM, and back-office sys- 
tems, such as purchasing, inventory, order entry and 
accounting. “Anyone who needs to know something 
now has no excuse not to know that thing,” he says. 


Heads Up 


| The Albuquerque city government uses NoticeCast 


from Cognos Corp. in Burlington, Mass., to proac- 
tively push e-mail notices of important events — in 
near real time — to city employees, residents and 
firewall on an extranet and monitors 
events by periodically querying Oracle 
Corp. tables populated by municipal sys- 
tems. It alerts city managers to events and 
notifies outside parties of government ac- 
tions. For example, it does the following: 
@ Every morning, NoticeCast sends an e-mail to 


| each vendor that was issued an electronic payment 


during the night, directing the vendor to a Web site 
on the extranet where it can get a remittance report. 

@ Every evening, NoticeCast sends an e-mail to 
each Albuquerque resident for whom a water bill 
was produced. The e-mail contains all the pertinent 
billing information and directs the resident to a Web 
site where he may pay his bill online. 

@ Once a day, the system sends e-mail to certain 
city employees, letting them know of all online pay- 
ments made to the city during the past 24 hours. 

@ Whenever a candidate files a contribution re- 
port, NoticeCast sends e-mail to city employees re- 
sponsible for tracking campaign law compliance. 

The e-mail alert system helps the city track events 
faster and more thoroughly than before, says Chris 
Framel, a systems analyst for the city. “And before 
NoticeCast, we didn’t do [electronic] payments at all 
because it was so difficult.” 


VENDORS 


For a list of vendors offering 
BAM software, visit our Web 
site: @ QuickLink 42545 
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ing on-the-fly analyses of historical data, says Bill Jacobs, 
a senior product manager at Sybase Inc. in Dublin, Calif. 
“If a process is beginning to go south, typically the early 
seeds of that are hard to see,” he says. “Eventually, we'll 
see Bl and BAM married at the level of using historically 
recorded data to identify problems much earlier.” 

But doing that will require much network bandwidth 
and computer power. “There are a couple of more cycles 
of Moore’s Law required,” Jacobs acknowledges. 

Even further out lies the Holy Grail of BAM, Jacobs 
adds. That's when a system not only sees a problem com- 
ing but also goes beyond sending alerts to actually fixing 
the problem - automatically reordering a part when it sees 
that a shipment has been lost, for example. “That's a sort 
of autonomic response, a self-learning system,” he says. 

~ Gary H. Anthes 


Framel says the city may buy a license to use 
NoticeCast inside the firewall on its intranet, some- 
thing he says is “quite expensive.” It would be used 
to monitor financial and payroll systems. “For exam- 
ple, we could monitor overtime abusers and sick- 
leave abusers,” he says. 

Some BAM systems are pretty basic, simply letting 
a user know whether an event has occurred. Others 
apply user-supplied rules and Boolean logic and are 
more complex. At Davis Controls, for example, when 
a promised order-delivery date is missed, one e-mail 
alert is generated for the responsible salesperson, 
one goes to the customer with an apology, and one 


| goes to an expediter. Different e-mails go to new cus- 


tomers, depending on the size of their initial orders. 

Over the next few years, BAM systems will employ 
increasingly powerful logic, analysts say [see “What’s 
Next for Bam,” above]. 

The vice president of operations at a 
Fortune 100 financial services firm uses 
the SeeRun Platform, a suite of products 
from SeeRun Corp. in San Francisco, to 
monitor cases in a complex workflow en- 
vironment. The firm, which the executive 
asked not to be named, manages some 50,000 cases 
per year, and each can last a year and involve dozens 
of milestones. The firm has signed contracts with its 


| clients guaranteeing performance against opera- 
| tional metrics related to these milestones. If a task is 
| supposed to be completed within 24 hours but isn’t, 





an alert is generated for the appropriate manager. 
“Even more helpful is receiving live activity-track- 
ing along the way — at six hours, 12 hours, 18 hours 
and so on,” the vice president says. The system has 
improved performance and reduced expenses, and 


| it even serves as a marketing tool that can prove 


performance to prospective clients, he says. 
But the operations vice president issues this warn- 
ing to would-be BAM users: “The biggest challenge 


| is what to do with all the data. You can actually over- 


engineer something like this. If you get too many 
stakeholders involved, everybody wants their own 
particular metric. Our experience has been to keep 


it focused and simple.” @ 42407 
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OUTLOOK: Voice authen- 
tication technologies 
promise users secure, 
simplified access to IT 


PY iMr ore 


m Gilhooly 


f 
i 
I 
t 
i 
i 
i 
I 
! 
L 
i 
i 
i 
i 
I 
! 
! 
i 
# 
i 
i 
! 
i 
1 
i 
E 
i 
' 
a. 


_ TECHNOLOGY 


ITH TENS OF THOUSANDS of 
freight customers throughout 
the U.S., Union Pacific Rail- 
road moves a lot of material. 
Because of security require- 
ments, Union Pacific follows 
strict processes to ensure that 
the customer releasing a rail 
car after it’s unloaded is authorized to do so. In addi- 
tion to a secure Web application that handles such 
releases, the rail carrier has added a voice authenti- 
cation application for users who don’t have access to 
computers — people working in a rail yard or at a 
shipping dock, for example. 

“We need to make sure that the person 
releasing the car is the person who re- 
ceived it, that the person works for the 
company, and that it’s a valid car number,” 
says Charlie Duckworth, senior director of 
e-commerce at the Omaha-based company. “It’s par- 
ticularly important when you get into homeland secu- 
rity issues and you’re moving hazardous materials.” 

Using SpeechSecure, from Peabody, Mass.-based 
ScanSoft Inc., Union Pacific securely authenticates 
callers and has been able to offload a large percent- 
age of calls that were previously handled by call cen- 
ter representatives. 

The growing need to buttress security for access to 
business-critical systems has many companies look- 
ing at voice authentication and other biometric tech- 
nologies, which can identify individuals based on 
their unique biological characteristics. 


A Sound Technology 


Voice authentication captures a person’s voice — the 
physical characteristics of the vocal tract and its har- 
monic and resonant frequencies — and compares it 
to a stored voiceprint created during an enrollment 
process. The technology is generating interest for 
use in secure applications that involve repeatable ac- 
tions and where large numbers of people need to be 
authenticated. These include systems that handle re- 
mote network and system access, password reset, 
time and attendance records and inmate verification, 
in vertical sectors such as law enforcement, financial 
services and health care. 
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JNING KEYTO 
VOICE SYSTEMS 


A big issue for businesses implementing 
voice authentication applications is how 
to tune the system to reduce errors 
known as false acceptances and false re- 
jections. False acceptance occurs when 
an imposter gains access to a system: false rejection oc- 
curs when an authentic user doesn’t. The frequency of 
these errors is measured using metrics known as false ac- 
ceptance rates (FAR) and false rejection rates (FRR). 

A voice authentication system plots the interplay of the 
two error rates against each other to establish an access 
threshold. If the threshold is changed to lower one error 
rate, the other one automatically goes up. To make a sys- 
tem effective, companies must strike a balance between 
the two, depending on the intent of their voice applications. 


“Voice authentication is suited to situations where 


| you have a relationship with the user, where they call 


repeatedly, and where you're going to decrease costs 
or increase revenue and user satisfaction,” says 
Samir Nanavati, a partner at International Biometric 
Group, a consultancy in New York. 

However, to realize the expectations that both the 
public and private sectors have for it, voice authenti 
cation must overcome several hurdles. As with any 
technology that allows access to sensitive systems, 
there are concerns about whether voice authentica- 
tion systems can be compromised and whether they 
remain accurate when environmental conditions 
aren’t ideal. In addition, technologies are still largely 
proprietary, with few standards in place. And voice 
authentication, like all biometric technologies, must 
overcome privacy concerns that arise from the use of 
biometric data. 

“Voice is one of the least accurate biometrics in 
that it has to deal with a person’s state of health, day- 
to-day changes in voice, and equipment issues,” says 
Jackie Fenn, an analyst at Gartner Inc. 

Nonetheless, as a biometric identifier, voice au- 
thentication also has much to offer, say experts. Be- 
cause people can use a telephone to enroll in a sys- 
tem and authenticate themselves, there’s no need to 
be physically present at a specific location to use a 
system. And users are more comfortable with the 
idea of speaking to identify themselves than they are 
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“With applications, it really does depend on the intent of 
speaker verification,” says Kevin Farrell, director of speaker 
verification at ScanSoft. “If it's there as a customer-orient- 
ed convenience, and helps with costs in the call center, 
you might use a lower threshold, whereas you'd use a high- 
er threshold for financial transactions.” 

But by themselves, FAR and FRR don’t mean much, 
says Samir Nanavati, a partner at International Biometric 
Group. What matters, he says, is the combination of those 
with a third metric, the enrollment rate. “It doesn’t matter 
what your FAR and FRR rates are if you fail to enroll 14% of 
your user population,” he says. 

What organizations should be looking at, says Nanavati, 
is a system's ability to verify. “From a business perspective, 
especially in the private sector, companies really don’t care 
why you couldn’t use a system. They primarily care that 
they have 12 million customers, and whether a system can 
handle that.” 

- Kym Gilhooly 


with submitting to, say, an iris or fingerprint scan. 
“There’s a lot going for voice authentication. You 

don’t need to have specialized equipment in all your 

locations, just access to a telephone, so it has a key 


advantage from a logistics standpoint,” says Elizabeth | 


Herrell, an analyst at Cambridge, Mass.-based For- 
rester Research Inc. 

Prianka Chopra, an analyst at Frost & Sullivan, 
concurs. “It’s natural to use one’s voice and widely 
accepted, and it’s the only biometric that provides 
remote authentication,” she says. 


Voice Concerns 

Successful use of any biometric system depends on 
the environment, applications and the user popula- 
tion. In accuracy tests in lab settings, voice authenti- 
cation systems compare favorably with other biomet- 
ric systems. In real-world use, however, they have to 
deal with behavioral and environmental factors such 
as background noise or changes in users’ voices. 

One of the biggest challenges stems from cross- 
channel issues — when a person uses a different type 
of phone to authenticate than the one he used during 
the enrollment process, says Larry Heck, vice presi- 
dent of research and development at Nuance Com- 
munications Inc., a provider of speech technology in 
Menlo Park, Calif. In the mid-’90s, Heck says, SRI In- 
ternational and MIT were working on that problem. 
Along with other vendors, Nuance has continued 
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| that work, using speaker model synthesis to develop 

a machine-learning algorithm that identifies what 

has changed in a voice template based on changes in 

the equipment used, creating a transform template 
for each kind of equipment. 

Model adaptation is also key to improving accura- 
cy, says Kevin Farrell, director of speaker verification 
at ScanSoft. Here, the parameters of the voiceprint 

| are adjusted based on slight changes in a person’s 
| voice, making a template more accurate over time. 

“Some people can use a system all the time and it’s 
stable, but some people have more nat- 
ural variants, even though it’s subcon- 
| scious,” says Farrell. He says some cau- 
| tion has to be applied, because a model 
will adapt if an impersonator with a 
high enough match score got through. 
| As for security concerns, voice au- 
| thentication applications typically use 
| two-factor authentication, where a user 
| provides something that shows who 
they are — their voice — along with 
something they know, such as a pass- 
word or an account number. In these cases, voice au- 
thentication is combined with speech recognition to 
identify what the speaker is saying. 

“Voice authentication does well when combined 
with a backup process, and that’s where speech 
recognition comes in,” says Judith Markowitz, presi- 
dent of Chicago-based voice biometrics consultancy 
J. Markowitz, Consultants. 

If a user is initially verified by a voice system, he 
| can then be asked context-related questions, via 


STEP ONE 


Ee) The customer enters his 
account or ID number, then the 
system prompts him to speak a 
passphrase (typically either a 
chosen password or series of 
digits) three times. 


STEP TWO 


a3 The user enters or 
speaks his account ID and 
speaks the passphrase. 





THE NEXT STEP 


Q&A: international Biometric Group's 
Samir Nanavati disc 
potential of voice authentica 
QuickLink 42364 

For a sampling of voice authentication 
technology vendors, visit our Web sit 


QuickLink 42366 
www.computerworld.com 


2 The speech analysis system 
applies a mathematical algorithm 
to the inputs to create a unique 
voiceprint. Having the user repeat 
the passphrase enables the system 
to account for variances. 


go The voice authentication system scores 
the input and compares it to the voiceprint 
in the speaker registry database. 
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speech-recognition technology, for additional securi- 
ty. If the user can’t answer the questions, he’s reject- 
ed and, where appropriate, sent to a live agent. 

Despite these accuracy and security advance- 
ments, voice authentication technologies need to 
incorporate more standards if they’re going to find 
major acceptance. Work is ongoing in such efforts as 
CBEFF (the Common Biometric Exchange File For- 
mat) and VXML (Voice Extensible Markup Lan- 
guage), and for programming interfaces such as 
BAPI (Bio API) and vertical standards such as the 
ANSI X9.84-2001 specification, which 
provides for secure remote electronic 
access or local physical access control 
in financial services. 

Though voice authentication adop- 
tion to date has been low — Inter- 
national Biometric Group says that 
this year, voice authentication will 
account for just 4.1% of the $928 mil- 
lion biometrics market — the business 
needs for improved remote access 
security and end-user satisfaction 
will ultimately drive its use, says Forrester’s Herrell. 

“Voice authentication is not a spooky business, and 
it’s going to be used for business, especially in highly 
regulated industries, and not top-level national secu- 
rity,” she says. “Rather than feeling it’s invasive, I 
think users will appreciate it that businesses are pro- 
tecting them with this kind of technology.” @ 42362 
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Gilhooly is a freelance writer in Falmouth, Maine. 
You can reach her at kymg@maine.rr.com. 
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HOW VOICE AUTHENTICATION WORKS 


9 The voiceprint is 
stored in a speaker 
registry database. 


< 


— 
Ackess 


=a 


3 ] The user is au- 
thenticated and granted 
access, or he is rejected. 
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brain functions. By) 


She may be only a robot baby orangutan, but 
someday Lucy may tell us about how 
the cerebral cortex of the brain works. 

And when she does, she’ll be able to 
help people develop and build new 
computational architectures inspired 
by biological systems, as well as appli- 
cations based on those systems that 
are more adaptable, intelligent and 
robust, according to Steve 
Grand, Lucy’s creator. 

Grand, a recognized authority 
on artificial life and the founder 
of Cyberlife Research Ltd., an 
artificial intelligence research 
company in Somerset, England, has 


Digital ee — reveal 


written a book about Lucy, Growing Up | 


With Lucy: How to Build an Android in 
Twenty Easy Steps (Weidenfeld & 
Nicolson), due out in January. 

Grand says he hopes Lucy can tell 
him the basic operating principles of 
the brain — engineering that evolution 
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discovered when it came to making 
nervous systems but that mankind 
hasn’t yet unraveled. He is looking to 
use the neural building blocks of the 
brain as a map for creating AI. 

Grand says there are two kinds of AI: 
“soft” AI, which tries to create high-lev- 
el reasoning by explicitly programming 
rules for it into a computer, and “hard” 
Al (his preference), which in- 
volves making machines that are 
genuinely intelligent and can 
teach themselves. Enter Lucy. 

“What I’m interested in are 

. the principles that enable a 
brain to organize itself into a set of 
machines that enable it to do all the 
things that brains do,” Grand says. He 
wants to find the basic principles that 
enable the cerebral cortex to wire itself 
up in response to experience, until it 
becomes a very complex and special- 
ized set of computing machines. 





“How does that happen? It’s com- 
pletely unlike any technology we’ve 
ever made. It’s as if you could take 50 
million transistors and stick them in 
a heap on the carpet and show them 
Microsoft Office, and half an hour lat- 
er, they'll spontaneously assemble 
themselves into a computer.” 

Grand says he wants to replicate that 
in Lucy with neural networks simulat- 
ed on PCs. Lucy’s intelligence will be 
a consequence of the interactions be- 
tween thousands of simulated neurons. 
His goal is to develop a machine that 
can supplement or even supercede the 
digital computer — a machine that can 
think and learn. 


On Her Own 

Grand says Lucy is developing the abil- 
ity to learn by herself. So far, she has 
learned to point to a banana — any ba- 
nana: a green banana, a yellow banana, 
a big banana, a small banana. If you 
show her an apple and a banana, she 
points to the banana. 

Grand says he hasn’t programmed 
Lucy to do that; instead, he has given 
her a model of the bit of cerebral cor- 
tex that knows how to do it. “It doesn’t 
sound like a huge achievement. Why 
not just program a computer to recog- 
nize yellow?” he asks. 

But, he says, Lucy solved a whole 
series of problems by herself like de- 
tecting the lines that form the edges of 
the banana regardless of what position 
it’s in or how far away it is, and she fig- 
ured out how to point at it. 

Thanks to a $68,000 grant from The 
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National Endowment for Science, 
Technology and the Arts in London, 
Grand purchased 15 new computers 
and is building an improved Lucy. 

When Lucy’s new body is complete, 
she should have a voice as well as better 
eyesight and hearing, and she should be 
able to move her arms and legs, Grand 
says. He hopes Lucy will soon be learn- 
ing to crawl and ultimately walk. He 
also hopes she will be able to repeat 
simple sounds, like toddlers do. 

“Lucy won't be very smart, but it 
won't be far from the truth to say she’ll 
have a mind of her own, albeit a very, 
very stupid one,” Grand says. 

Think of the robots that build cars, 
Grand says. “They don’t adapt. If they 
go to pick up a part and it’s not there, 
they pick up air. We have to build them 
so that one day they will be able to 
adapt to [different situations].” 

But the question remains: Will he be 
able to do it? 


Limits of Knowledge 

Well, maybe, says Larry Yaeger, an ex- 
pert on AI and a distinguished scien- 
tist at Apple Computer Inc. who lives 
in Bean Blossom, Ind. “With Lucy, 
[Grand] appears to be taking no short- 
cuts with sensory inputs or motor out- 
puts, as he is striving to integrate real 
vision and audition, as well as voice, 
arms and legs,” Yaeger says. 

That said, Yaeger claims that the 
greatest difficulty Grand faces is man- 
kind’s limited knowledge of human 
brains. “The wiring diagrams, the de- 
tails of the different kinds of neural and 
synaptic mechanisms and the almost 
unexplored influence of the baths of 
chemicals our brains are awash in, [are] 
still very much in its infancy,” he says. 
“But it’s possible that what we already 
know is enough for Steve to succeed.” 

But, Yaeger cautions, “I believe that 

. the complexities of those wiring dia- 
grams are more likely to yield to evolu- 
tion than to engineering. [Grand] be- 
lieves design is the answer. I think 
evolution, and a willingness to evolve 
and learn from very primitive organ- 
isms first, before we hope to obtain 
simian or human-level intelligences 
in the computer, may be the better ap- 
proach. But if anyone on the face of the 
earth can engineer intelligence from 
scratch, I believe it would be Steve 


Grand.” @ 42400 
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SSL Broadens 
VPN Access 


Affordable Secure Sockets Layer virtual 
private network opens corporate network 
to more users than a hardware VPN, but it 
presents new challenges. By Vince Tuesday 


HE MOST IMPORTANT 

document a security 

professional can write 

isn’t a policy document; 
it’s his résumé. 

I’ve been checking résumés 
lately because we need to re- 
place a member of my staff 
who’s moving to our New 
York office. 

One went on at 
length about the ap- 
plicant’s ISO 7799 
skills and experience, 
but ISO 7799 is the in- 
ternational standard 
for “Metallic materi- 
als — sheet and strip 3mm 
thick or less — Reverse-bend 
test.” I imagine the candidate 
meant ISO 17799, “Code of 
practice for information secu- 
rity management.” Reject. 

Even candidates who man- 
aged to avoid résumé errors 
fell by the wayside. One decid- 
ed to give up during the phone 
interview because he felt he’d 
blown it; he hadn’t until he 
told me he wanted to give up. 
Another merrily told me his 
corporate LAN password dur- 
ing the interview. 

Between filtering résumés 
and arranging interviews, I 
have to do my real job. This 
week, it involved getting ap- 
proval for a lightweight secure 
remote-access system. 

Last month, I wrote about 
the full virtual private network 
(VPN) that we’re launching 
[QuickLink 42098]. But that 
requires a company machine 
at the remote end with layers 
of hardware and software, so 
many users are excluded from 
using it because of the cost. 
But many users who lack a 


latinas iad ceae 


SECURITY 
MANAGER'S 
JOURNAL & 


| company machine and con- 
nection would like to access e- 

|} mail and other applications. 

| Increasing numbers of staffers 
have broadband connections. 
If we had a lightweight re- 
mote-access system, they 

| would be able to work longer. 

Our IT group has designed 

a Secure Sockets 

Layer (SSL) VPN 

from Fort Laud- 

erdale, Fla.-based 

Citrix Systems Inc. 

that lets users access 

our network over 

| the Internet using 

| only a Web browser. 

However, there are security 

| problems with any remote- 

| access method. In this case, by 

| opening our corporate net- 
work to the outside world, we 
might leak important data or 

| allow attackers to get past our 

defenses. We use Bedford, 

Mass.-based RSA Security 

Inc.'s SecurID technology to 

| authenticate each remote user. 

We also use SSL to encrypt 

| data in transit. 


[The VPN] requires 
a company machine 
. . . With layers of 
| hardware and soft- 
ware, SO many 
users are excluded 
from using it 
because of the cost. 
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This all sounds properly se- 
cure, but what if the remote 


end is infected with a worm or | 
| checking software wouldn't let 


a virus? An infected remote 


| machine could hijack the ses- 


sion or record keystrokes of 
internal passwords. This can 
happen in the period after the 
initial authentication and be- 
fore the system encrypts the 
data to be sent. 

We’re very keen not to be 


| caught in that way, and yet we 
| can’t rely on remote users to 


install, configure, update and 
maintain decent antivirus soft- 


| ware. Home users, like corpo- 


rate IT, get sloppy and miss 
updates, but with home users, 


| we aren’t there to monitor and 
| catch the problems. Also, 
| some staffers will be accessing 


the system from Web cafes 
around the world, so we can’t 
even rely on our client soft- 
ware being in place. 


Work-around 


| To get around this issue, we 
| are using Austin-based Whole 


Security Inc.’s Confidence On- 
line virus-checking tools. 
These tools are downloaded 


| and run every time the user 


connects over the Web. They 


| look for common Trojan-horse 
| 


and key-logging software and 


| deny connections if the re- 


mote end is infected. 

I was initially a bit suspi- 
cious of the product because I 
had heard that this kind of 
software often compromises 
on security due to the difficul- 
ty of getting code small 
enough to download and run 
quickly over a remote connec- 


| tion. Some competing prod- 


ucts just look for the name of 
a Trojan horse, but few attack- 
ers are polite enough to run 
their software using a well- 
known backdoor name. 

The Trojan-horse checker 
didn’t fall short. I was im- 








pressed that it was clever 


| enough to spot Trojans in 


which the executable file 
names had been altered. I was 
even more impressed when I 
ran the final stage of my tests. 
I infected a machine with 
tens of Trojan horses and then 
cleaned it out using our com- 
pany-standard antivirus soft- 
ware. You'd think that once I'd 
deleted everything that the 
antivirus software complained 
about, it would be safe to con- 
nect. But no, the Trojan-horse- 


me in until I deleted five ver- 
sions of Trojans that the anti- 
virus software didn’t spot. 

I’m happy that the Trojan- 
horse checker worked so well, 
and I’ve given the green light 
to the VPN software. However, 
the test results have revealed a 
new set of problems. If our an- 
tivirus software doesn’t detect 
the Trojan horses, how do we 
know we don’t have them in- 
ternally? Antivirus vendors 
have been sued by software 
writers who claim that their 
Trojan horses are legitimate 
remote-control tools. If anti- 


| virus programs don’t pick up 


Windows Terminal Services, 
then they shouldn’t detect 
their products, they claim. I 
don’t buy that, and I hope 
Confidence Online keeps de- 
tecting as well as it does. 

I’m looking into rolling out 
the Trojan-horse checker into 
our intranet Web servers so 
that desktops can be checked 
from a central location when- 
ever they access the phone 
book. Perhaps we can run the 
tests as part of a log-in script 
when users authenticate. It 
feels odd to know that our ex- 
ternal users may be better pro- 
tected than insiders. Perhaps if 
I finally get an applicant who 
knows the difference between 
bending metal and security 
management, he can help 
solve these problems. DB 


WHAT DO YOU THINK? 


This week's journal is written by a real 
security manager, “Vince Tuesday,” whose 
name and employer have been disguised 
for obvious reasons. Contact him at vince. 
tuesday@hushmail.com, or join the dis- 
cussion in our forum. QuickLink a1590 


To find a complete archive of our 
Security Manager's Journals, go online to 
© computerworld.com/secjourna! 
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Security Bookshelf 


Practical Unix & 


oe 


be taken seriously as a Unix 
systems administrator or a 
power user, then you need to 
understand and propose solu- 
tions to security problems. 
This comprehensive 1,000- 
page book provides the back- 
ground, tools and suggestions 
from administrators needed to 
understand Unix and Internet 
security. The latest edition 
squeezes in much more infor- 
mation than the second. | par- 
ticularly liked the detailed cov- 
erage of Mac OS X, which! 
haven't seen anywhere else. 
It’s a worthy update. 

- Vince Tuesday 


Mazu Updates Net 
Traffic Analyzer 


Anewly released version of 
Mazu Networks Inc.'s Profiler 
network traffic analysis prod- 
uct can spot unauthorized net- 
work activity and track appli- 
cations that use so-called 
ephemeral ports, which pose a 
security risk to companies, 
says the Cambridge, Mass.- 
based network security ven- 
dor. Mazu Profiler Version 3 is 
designed to offer improved 
features for creating use and 
access policies for a network. 
It also has improved reporting 
capabilities for forensic analy- 
sis of compromised networks 
and contains features that en- 
able administrators to track 
file transfer protocol (FTP) 
servers that don’t rely ona 
predefined communications 
port. These ephemeral ports 
can make FTP applications 
difficult to track and monitor, 
Mazu says. 





The right management can increase 
the storage capacity of your existing infrastructure. 
BrightStor 
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New Integration 
Platform Arrives 


InterSystems Corp. in Cambridge, 
Mass., last week announced an 
integration platform called En- 
semble that comes with integra- 
tion and application servers, an 
object database, and develop- 
ment and management tools. En- 
semble is available now on Unix 
and Windows. Pricing starts at 
$125,000 per CPU. 


Unifact Launches 
.Net Analysis Tool 


Boston-based Unifact Corp. has 
introduced UniViz Analytics, a 
browser-based ad hoc data 
analysis tool that’s designed to 
work with Microsoft .Net client 
Web technology. UniViz Analytics 


offers the power of an online ana- | 


lytical processing/analysis tool 


while providing a dashboard-style 


interface, said Unifact. The sys- 
tem, which includes low-band- 
width support for remote users, is 
priced starting at $10,000. 


Serena Upgrades 
TeamTrack System 


Serena Software Inc. is shipping 
Version 6 of its TeamTrack proc- 


ess management software for ap- | 


plication development teams. 
New features include a manage- 
ment dashboard portal, a role- 
based user interface and a Web- 
based, configurable workflow 
library. An implementation for 25 
users sells for about $27,000, 


said a spokeswoman for San Ma- 


teo, Calif.-based Serena. 


Manugistics Offers 
RFID Support 


Manugistics Group Inc. is offering | 


support for radio frequency iden- 


tification (RFID) tag technology in 


its supply chain management 
software products. RFID-enabled 
products include the Rockville, 
Md., company’s fulfillment and 
transportation optimization soft- 
ware and its order and delivery 
management products. 
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Warning: Don't Bu 
Security Snake O 


O INDUSTRY has more false prophets, 
blowhards and snake oil salesmen than 
IT security. IT professionals just want se- 
cure, well-designed technologies. What 
they usually get are core technologies 
with security holes (which hackers regularly strafe 
with probes and attacks), Band-Aid fixes, empty 
promises, questionable advice and a shower of “must- 
have” appliances that clog up the network perimeter 
more densely than a Washington Beltway traffic jam. 


Certainly, corporate IT 
has had a role to play in al- 
lowing the current, sad 
state of affairs to unfold, as 
Computerworld columnist 
Paul A. Strassmann pointed 
out last week [“CIOs Share 
the Blame,” QuickLink 
42431]. 
But let’s not forget about 
the vendors of security 
products and services that 
promote themselves as 
your salvation from hacker [ae 
attacks, viruses and other threats. 
They’re really just selling you prod- 
ucts — and more of them every day. 
The unwelcome truth is that most 
security products are compensating 
for vulnerabilities in the basic IT ar- 
chitecture, an infrastructure that was 
never designed to be lashed onto the 
anarchic, business-unfriendly wide- 
area network that is the Internet. Busi- 
nesses have even opened up their data 
centers to this vulnerability-riddled 
WAN. Think back for a minute. If you 
had dumped that value-added network 
service back in 1994 for such a disorga- 
nized and unsecured communications 
network, you’d have been out of a job. 
But here you are, working with secu- 
rity tool vendors that tout “solutions” 
but whose business depends on main- 
taining a rather unhealthy symbiosis 
between themselves and the hackers 
against whom you need to be protect- 





ed. A billion-dollar indus- 
try has been built by treat- 
ing the symptoms, rather 
than the cause. Years ago, 
one antivirus software ven- 
dor enthusiastically offered 
a reward to those who “dis- 
covered” a virus in the wild 
so that it could be the first 
to offer a signature. Nega- 
tive publicity stopped this 
pay-the-hacker strategy in 
its tracks. But today, virus 
writers and antivirus ven- 


dors are still locked in a strange em- 


brace. Hackers get a cheap thrill from 
rising to the top of vendors’ top 10 lists. 


| Vendors get to sell a steady flow of 
| new antivirus signatures. 


Meanwhile, a small army of security 
experts with their own biases bloviate 
ad nauseam about what’s wrong with 


| IT security while constructing grand 


theories about how wonderful things 
would be if everyone would just do as 
they say. The most recent distraction: 
a return to heterogeneous computing 
on the desktop. 

This simplistic line of thinking ap- 
plies the idea of biodiversity to the 


| health of one’s IT infrastructure. A 


mixed computing environment of 
Macintosh, Linux and Windows PCs 
should be more resistant to threats, 
proponents say. Several pundits sup- 
port this idea, including Dan Geer, for- 
mer CTO at Cambridge, Mass.-based 





security services firm @stake Inc., 
who was fired from his job in Septem- 
ber for co-authoring a controversial 
report called “CyberInsecurity: The 
Cost of Monopoly. How the Domi- 
nance of Microsoft’s Products Poses a 
Risk to Security.” Even Gartner has 
promoted this idea. 

But the authors’ thinly veiled resent- 
ment of the Microsoft “monoculture” 
(read: “monopoly”) and the Windows 
vendor’s failure to address their secu- 
rity concerns comes off more like a 
call for insurrection than a well- 
thought-out security strategy for the 
enterprise. And why focus myopically 
on Microsoft when there’s plenty of 


| blame to go around? What about the 


Cisco “monoculture”? Or Intel? 

IT diversity can certainly lessen the 
impact of a security event by limiting 
the damage to a subset of machines. 
But there’s a reason why IT planners 
have largely standardized on a single 
desktop operating system: It’s easier to 
manage. It took years to standardize 
the desktop on one operating system. 

Does any sane IT organization really 
want to replace 50,000 PCs with a mix 
of Macs, Linux and Windows ma- 
chines and then re-engineer the man- 
agement tools, support and applica- 
tion sets to make it all work? And het- 
erogeneity is less of a concern in the 
server world, where competing oper- 
ating systems already exist in many 
companies. 

I can’t tell you the specifics of how 
to solve these problems. But it’s clear 
to me in talking with Computerworld 
readers that corporate America is run- 
ning out of patience. The Internet and 
the IT infrastructures that connect to 
it must evolve quickly to a more struc- 
tured and secure form, or the business 
that depends on them today will be 
conducted elsewhere. @ 42618 
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Supply Chain vs. Supply Chain 
IT has a big — and difficult — role 

to play as the nature of business com- 
petition changes from company vs. 
company to supply chain vs. 

supply chain. Page 44 


OPINION 

Outsourcing’s Dirty Little Secret 

Bart Perkins says many users wind up unhappy with 
their outsourcing deals, for reasons ranging from 
“sales puffery” to insufficient performance monitoring. 
Sometimes it’s simply because the execs who were 
enthusiastic about the deal have left. Page 46 





Savvy companies 
are using CRM 
and special Web 
features to make 
wealthy customers 
feel pampered. 

By Steve Ulfelder 
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HEN A HIGH ROLLER 

steps into a Harrah’s 

casino, the host — 

whose job is specifi- 

cally to look after 
such top players — is likely to ask 
about his wife by name, tell him his 
suite has been stocked with his favorite 
brand of cigars and slip him tickets to 
that week’s PGA golf tournament. 

And this personal touch occurs 
whether the gambler is in the Las Ve- 
gas casino he has frequented for years 
or is visiting Harrah’s in Atlantic City 
for the first time. 

The key is Harrah’s Entertainment 
Inc.’s Player Contact System, a sophis- 
ticated Web-based application. “Our 
competitors spend money tearing 
down [and replacing] casinos,” says 
Tim Stanley, CIO at Las Vegas-based 
Harrah’s. “We spend on technology. 

If you’re a good customer, we do 
everything we can with IT to retain 
your business.” 

Having grasped the reality that the 
rich are, indeed, not like you and me (if 
only because they have more money), 
businesses are using IT to identify, 
market to and generally pamper them. 

Companies hasten to say that they’re 
not slighting those with lesser incomes; 
Stanley says Harrah’s “sweet spot is not 
the high rollers but the ‘middle rollers, ” 
those empty-nesters who are seldom 
multimillionaires. Nevertheless, there’s 
no denying the impact of wealthy cus- 
tomers on businesses in industries 








such as financial management, travel 
and leisure, retail and automotive. 

According to Gartner Inc. analyst 
Kimberly Collins, “When organiza- 
tions do a formal calculation, they of- 
ten find the 80-20 rule applies — the 
top 20% of their customers account for 
80% of revenue. In some companies, 
it’s 90-10.” 

With that kind of money on the table, 
it’s no wonder that companies are de- 
veloping Web sites and CRM systems 
with an eye toward the affluent. And 
their results appear to justify the in- 
vestments — whether they’re luring 
high rollers away from other casinos or 
tactfully informing a retail customer 
that those to-die-for Manolo Blahnik 
kidskin midheel halter pumps will set 
her back $445 a pair. 


Driver’s Seat 
Jaguar Cars Ltd., a unit of Ford Motor 
Co. with North American headquarters 
in Irvine, Calif., is recommending that 
its dealerships use a recently upgraded 
CRM system to identify and please 
upper-crust customers. 

“We're offering technology to help 
them better track the customers they 


, CIO at Harrah's Entertainment, says the company has cultivated customers by = | do have, as well as prospects,” says 
putting technology dollars behind its loyalty program and Player Contact System Web application. & Mary Magrino, IT director at ee 
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Premier Automotive Group, North 
America, which also includes the Lin- 
coln-Mercury, Land Rover, Volvo and 
Aston Martin brands. “We want the 
dealers to be able to get more struc- 
tured information — something more 
efficient than keeping index cards.” 

The CRM tools that headquarters 
recommends (but doesn’t mandate) for 
Jaguar retailers include Right Relation- 
ship 360 from Chicago-based ADP Inc., 
and Contact Management from The 
Reynolds and Reynolds Co., a Dayton, 
Ohio-based vendor. 

Once prospects become Jaguar own- 
ers, the company takes pains to make 
them feel that they’ve joined an exclu- 
sive club, according to Melissa Grady, 
Jaguar’s relationship marketing manag- | 
er. Many of the perks enjoyed by club 
members have become routine for 
owners of high-end cars: a toll-free 24- 
hour roadside assistance number, a 
complimentary magazine, free mainte- 
nance during the warranty period and 
cross-branding tie-ins with Hertz 
rental cars and Starwood Hotels. 

In addition, the company has 
launched myJaguar.com, which offers 
customers a personalized Web site that 
includes information such as the own- 
er’s manual for their model, mainte- 
nance-tracking software and recall no- 
tices. Grady says Jaguar is updating the 
site “to make it more personal and 
highlight customer benefits” but de- 
clines to be more specific. 

Erin Kinikin, an analyst at Forrester 
Research Inc. in Cambridge, Mass., 
calls such customer-specific Web sites 
prime examples of the extras business- 
es bestow on affluent customers. 


Among the 
most likely Internet purchases 
were nonbusiness air travel; 
stocks, bonds and mutual funds; 
and nondesigner apparel. 


JENT AMERICANS.” 
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Jaguar also slices its databases by re- 
gion to invite customers to some pretty 
hoity-toity affairs. For example, Wash- 
ington-area Jaguar owners were re- 
cently invited to a private premiére 
showing of a National Geographic TV 
special about jaguars in the wild. 
Jaguar has associated itself with the 
animal it’s named after because its de- 
mographic studies have showed that 
the conservation pitch is popular with 
its well-heeled buyers. 


Improving the Odds 
According to Harrah’s Stanley, the 
$4.14 billion company’s investment in 
customer-coddling technology has 
helped it prosper — partly because it 
helps Harrah’s pursue a more cost- 
effective strategy than many competi- 
tors. Casinos are generally most prof- 
itable during their first few years. 
When a new facility’s glitz fades, prof- 
its usually do, too — which is why gam- 
bling palaces are so frequently dyna- 
mited and replaced. 

But Harrah’s has eschewed the 
trend toward expensive theme-park- 
style casinos, focusing instead on be- 
ing what Stanley calls “the top-of- 
mind choice for serious gamers.” 

With its loyalty program and Player 
Contact System attracting such cus- 
tomers, including “whales” (industry 
slang for elite high rollers), Harrah’s 
has increased same-store sales 18 
quarters in a row, according to finan- 
cial statements. 

Moreover, Stanley credits the loyalty 
program and Player Contact System 
with boosting market share. He says 

Harrah’s metrics indicate that in the 

past four years, the company’s share of | 
customers’ total gambling budget has__| 
risen from 35% to 43%. “There’s a $1.10 
rise in our stock price for every per- 
cent increase,” Stanley says. 

Key components of the Player Con- 
tact System include a Teradata active 
data warehouse from NCR Corp., mid- 
dleware from Tibco Software Inc. and 
a new client-facing application from 
Blue Martini Software Inc. that was 
designed for retailers and has been 
heavily customized by Harrah’s. 

The Player Contact System is, in 
turn, one component of Total Rewards, 
the loyalty system Harrah’s has been 
refining since 2000. The casino chain 
— which has 26 locations in 13 states 
— encourages customers to use a loy- 
alty card for as many purchases as pos- | 
sible, from nickel slots to room charges 
to swank no-limit tables. The cards 
feed data back to Harrah’s. Stanley says 
it takes only a couple of visits for the 





system to make accurate guesses about 


spending an estimated $1 billion on a 
system that will allow the company's 
financial advisers to better collect and 
share data on customers in its Global 
Private Client Group, which caters to 
investors with more than $1 million in as- 
sets. The massive Web services project, 
which will use Siebel Systems Inc. CRM 
ae 


change nae 
reach the well heeled. According to. 
Forrester Research, 44% of investors 
with more than $1 million in assets visit 
their online brokers’ Web sites, com- 
pared with only 25% of less wealthy 
investors. 

The same Forrester study found that 
the affluent seek a certain type of luxury 
experience online. Rather than glitz, 
they demand “convenience, confidence 
and control,” the report says. 

~ Steve Ulfeider 


whether a customer fits into one of the 
casino’s two highest segments, dubbed 
“avid experience players” and “very 
important players.” 


‘Addictive’ Service 
According to Forrester’s Kinikin, one 
of the top challenges when dealing 
with the rich is identifying them in all 
channels. “Good service is addictive,” 
she says. “Once you get it, you want it 
all the time.” Interestingly, she adds, 
the laggard channel tends to be the 
physical store. When an affluent client 
appears online or calls, customer ser- 
vice representatives in contact centers 
can immediately peg them as high 
rollers. This raises the customer’s ex- 
pectations, which may be dashed when 
he wanders into a store belonging to 
the same company and is treated like 
one of the great unwashed. 

In that respect, the Seattle Mariners 
are fortunate: Their regular customers 
— that is, season ticket holders and 
luxury suite owners — have assigned 
seats. Last year, the baseball team 
switched from a largely paper-based 
customer-care system to a CRM system 
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from Onyx Software Corp. in Bellevue, 
Wash. The software allows the team to 
track complaints and requests from 
season ticket holders as well as any- 
body enrolled in the team’s loyalty pro- 
gram, says Larry Witherspoon, vice 
president of technology services. 

Onyx helps the Mariners pamper 
suite owners through an approach that 
marries high touch and high tech. 
From the time a corporate customer or 
other high roller calls the club to order 
a suite, the in-house catering, house- 
keeping and ticketing groups are auto- 
matically notified of any special re- 
quests, “and the account exec can just 
pop in to visit the client” during a 
game, Witherspoon says. He says the 
team has reduced complaints from lux- 
ury suite holders a whopping 80% 
since implementing the software. 


Searching in Style 
Technology aimed at enticing the rich 
goes beyond CRM. One well-to-do 
technology company executive with 

a 1,200-mile weekly commute was 
such a regular passenger on the same 
flights up and down the West Coast 
that his airline took to paging him 
when those flights ran into delays. 
Kinikin says this type of proactive ser- 
vice is exactly what companies must 
offer affluent customers in order to 
retain their business. 

Even the way the rich think about 
shopping is different, researchers have 
found, and upscale companies’ Web 
sites are changing accordingly. Last 
year, Neiman Marcus implemented 
One Step, a natural-language search en- 
gine from iPhrase Technologies Inc. in 
Cambridge, Mass., at the retailer’s Web 
site. Neiman Marcus’ research showed 
that high-end shoppers are much more 
specific about the items they’re seek- 
ing than average shoppers. For exam- 
ple, while a Target shopper might sim- 
ply search for “pocketbooks” and sort 
by price, a Neiman Marcus customer is 
more likely to search for “cloth Kate 
Spade totes with leather trim.” 

According to a Neiman Marcus 
spokesman, the retailer has tripled its 
conversion rate — the percentage of 
online shoppers who follow through 
and make a purchase. The spokesman 
adds that those shoppers return to the 
site twice as often as they used to. 

Apparently, the rich know exactly 
what they want — and if you want 
their business, you need to know ex- 


actly how to deliver. @ 42371 





Ulfelder is a contributing writer in 
Southboro, Mass. Contact him at 
sulfelder@charter.net. 
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HE NATURE Of business competition 
is changing in a fundamental way, 
and the repercussions for IT are 
profound. The classic model of 
company vs. company is starting to 
give way to a new model: supply 
chain vs. supply chain. In the 2st 
century, being the best at producing 
or selling a superior product is no 
longer enough. Success now depends on assembling 
a team of companies that can rise above the win/lose 
negotiations of conventional trading relationships 
and work together to deliver the best products at the 
best price. Excellence in manufacturing is just the 
admission fee to be a player in the larger game of 
supply chain competition. 

We’ve all seen the harbingers of this upheaval. The 
stories of how Dell Inc. and Wal-Mart Stores Inc. 
devastated their competition by reinventing their 
supply chains are now firmly established in business 
folklore. But the implications of the new competition 
run far deeper than a few spectacular success stories. 
Getting the supply chain right is no longer just an ex- 
citing opportunity. It’s a survival skill. 

There are two other business stories that should 
be posted in our collective consciousness right be- 
side those of Dell and Wal-Mart: the tortuous expe- 
riences of Nike Inc. and Cisco Systems Inc. when 
they ran into trouble with their supply chains. In 
Nike’s case, the crisis came in May 2001, when the 
Beaverton, Ore.-based company announced that the 
sales for the preceding quarter were $100 million 
lower than expected because of confusion in its sup- 
ply chain. This loss, while impressive, was soon 
eclipsed by Cisco’s announcement that it was writing 
down $2.2 billion in unusable inventory due to prob- 
lems in its supply chain. It was the largest inventory 
write-off in the history of business. 

These are compelling demonstrations of the im- 
portance of keeping supply chains running smoothly. 


Thevery nature of business competition is changing, 
andlIT has abig, challenging role. By David A. Taylor 
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From the customer’s point of view, supply chains 
FlecM ide) (EUV Mem UME eter molec cM alctele) (rte 
tions and careful synchronization of deliveries 
don’t matter to consumers. For them, it all boils 
down to which retailer can sell thém the best 
Peel eM ae eM RTT) mel UL 
Crm OM Ure TMT TPR UROL Cem O ULM (erst omim Dats 
chart illustrates the point by showing how a sup- 
ply chain that’s consistently cost-effective across 
Ur Ramer SR UE eect elles 
in only one link. 


But these operational losses, large as they are, repre- 
sent only part of the true cost of supply chain fail- 
ures. The larger hit comes when companies reveal 
their mistakes to the financial markets. The day 
Nike announced the breakdown in its chain, the 
company’s stock dropped 20%, an amount so stag- 
gering that it makes the $100 million loss seem 

like pocket change. 

That’s a huge penalty to pay for a single failure, but 
it’s not atypical. A study by Vinod Singhal and Kevin 
Hendricks in the January 2002 issue of Supply Chain 
Management Review examined supply chain prob- 
lems at 1,131 companies from 1989 to 1999. They 
found that companies reporting such problems suf- 
fered an average drop of 7.5% in their stock price the 
day of the announcements. This loss of value was no 
temporary setback; the decline in valuation began as 
early as six months prior to the announcements and 
often continued for six months afterward. The total 
drop over the 12-month period was a whopping 


18.5%, with an estimated loss in shareholder value av- | 


eraging more than $350 million per incident. 

How does this shift in the nature of competition 
affect IT departments? For starters, it means they 
need to support yet another generation of enterprise 
applications, with all the growing pains and integra- 
tion problems that entails. Although supply chain 
management software forms a tidy category on in- 
dustry analysts’ charts, in reality, it’s an odd con- 
glomeration of packages from a variety of vendors, 
few of which are large and stable players. 

The mainstay application is the advanced planning 
and scheduling (APS) system, which offers a mix of 
design and planning tools that use 
mathematical techniques to opti- 
mize the flow of goods across the 
chain. It generally includes sepa- 
rate planning modules for manag- 
ing demand, distribution, produc- 
tion, material requirements, pur- 
chasing and fulfillment, all of 
which have some overlap with the 
modules of enterprise resource 
planning systems. Linking an APS 
system to an ERP system, although 
simple in principle, is a major inte- 
gration project. 

Other supply chain applications 


er me eM Cee Cie 


include multimodule systems for managing ware- 
housing, transportation, customer relationships and 
supplier relationships. There are also newer systems 
for monitoring the chain as a whole and responding 
to problems as they occur. These packages come 
from many vendors and are built using a wide range 
of technologies, which further complicates the inte- 
gration process. Integration problems are gradually 
being solved, largely through major ERP vendors in- 
corporating supply chain applications into their flag- 
ship products, but the industry hasn’t yet matured to 
the point where installing supply chain 
software is simple or safe. 

The examples cited previously illus- 
trate how great the burden of failure can 
be. Nike’s supply chain crisis was caused 
by a failed installation of i2 Technolo- 
gies Inc.’s APS system. And Cisco’s $2.2 
billion write-down was due in large part 
to a materials planning system that allowed demand 
for components to be double- and triple-counted 
across its suppliers. 

Another example is Kmart Corp., which an- 
nounced in May 2000 that it was spending $1.4 bil- 
lion on software and services to overhaul its supply 
chain, including planning systems from Dallas-based 
i2 and warehouse management software from EXE 
Technologies Inc., also in Dallas. 

A year and a half later, before the systems ever 
went live, Troy, Mich.-based Kmart announced that it 
was abandoning most of the software it had pur- 
chased and was instead buying $600 million worth of 
warehouse management software from Atlanta- 

based Manhattan Associates Inc. 
This new push also failed to solve 
the company’s supply chain prob- 
lems, and it went into bankruptcy in 
January 2002 [QuickLink 26716]. 

In short, managing the adoption 
of supply chain software is a per- 
ilous business at best. But the diffi- 
culties of implementing a new gen- 
eration of enterprise software are 
only a small part of the challenge 
facing IT organizations. The greater 
challenge lies in the fact that, in the 
new competition, the true enter- 
prise is the supply chain itself, not 
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the companies that make up that chain. 

To date, supply chain software has taken a compa- 
ny-centric view, with each member of the chain host- 
ing its own systems and independently representing 
its trading partners and their actions. This is a stop- 
gap measure at best; effective supply chain manage- 
ment will ultimately require systems that cross orga- 
nizational boundaries at will. The days of closed cor- 
porate software are coming to an end. The new com- 
petition will usher in an era of highly distributed, 
multicompany software systems 


A New Model 


| The infrastructure to support these distributed sys- 


tems is now in place, and the software stack for this 
new generation of systems looks very different from 
the classic model. The platform for multicompany 
systems is, of course, the Internet, though the result- 
ing networks will usually be implemented as ex- 
tranets for security reasons. The key communication 
protocol is XML, which has already become the stan- 
dard for information exchange between companies. 
The next key ingredient is the Simple Object Access 
Protocol, which allows applications to make remote 
procedure calls to one another using XML to format 
their requests and replies. SOAP is the enabling tech- 
nology for Web services, which allow applications 

to be more loosely coupled and call upon each other 
on an ad hoc basis. 

This is a formidable stack of new technologies, 
but they’re only the basic platform for 
the real business functionality. To en- 
able multicompany planning and trans- 
actions, existing applications for manag- 
ing local production and supply have to 
be made accessible to Web-service re- 
quests so they can become part of a 
larger, chain-spanning system. Beyond 

this, some form of collaboration software is re- 
quired to coordinate the efforts of planning and 
production teams across member organizations. 

And all of this will have to be installed, managed 

and maintained by teams of IT professionals drawn 
from different companies and operating out of dif- 
ferent locations. 

Sound like a challenge? It is, but look on the bright 
side. IT organizations spent the last part of the 1990s 
struggling to solve the Y2k problem before the clock 
ran out, only to be hit by cutbacks and austerity mea- 
sures following the tech wreck of 2000. The emer- 
gence of Internet-based, multicompany supply chain 
systems is an opportunity to breathe new life into IT 
groups that are now bogged down in maintenance 
and repair. In short, the new competition brings with 
it an exciting mission for IT organizations. This mis- 
sion may seem only slightly 
less daunting than putting a 
man on the moon, but who 
could resist the opportunity to 
take up that kind of challenge? 

@ 42368 

Taylor is the author of the new 

book Supply Chains: A Manag- 

er’s Guide (Addison-Wesley, 

2004). Contact him at dtaylor@ 
| SupplyChainGuide.com. 
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Boeing Appoints 
Jamieson as CTO 


The Boeing Co. last week ap- 
pointed James Jamieson, 55, as 
chief technology officer. He has 
held various management posi- 
tions during his 27 years at the 
aerospace company and most re- 
cently was senior vice president 
for commercial airplane pro- 
grams. Jamieson replaces David 
Swain, who in July was named 
chief operating officer at Boeing’s 
Integrated Defense Systems unit. 


ShopKo Promotes 


Lynch to ClO 


ShopKo Stores Inc., a $3 billion 
Green Bay, Wis.-based retailer, 
has promoted Matt Lynch, 44, to 
senior vice president and CIO. 
Lynch had been vice president of 
operations and technology ser- 
vices since 1998, when he joined 
the company. His 20-year career 
in IT has included management 
positions at America West Air- 
lines Inc., Air Wisconsin Airlines 
Corp. and Runzheimer Interna- 
tional. in his new role, he will lead 
the strategy and implementation 
of IT programs for the company’s 
361 ShopKo and Pamida Inc. dis- 
count stores in 23 states. 


Online Inspection 
Service Taps CTO 


Trinity Inspection Services Inc., an 
Addison, Texas-based online com- 
pany that provides fast turnaround 
times for residential “draw in- 
spections,” has named David 
Schedler as CTO. He will help di- 
rect customer integration and the 
development of online services to 
meet growing demand from mort- 
gage lenders. Draw inspections 
are used to confirm that each 
phase of new construction meets 
the size specifications of the 
lender. As each phase is complet- 
ed, the lender releases payment. 
Trinity offers access to more than 
2,300 inspectors nationwide. 
Schedler has worked in IT for 20 
years, including management po- 
sitions at Picasso Software Inc. 
and BankSource Mortgage. 
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Outsource! 
Little S 


BART PERKINS 


UTSOURCING IS PERCEIVED as the 
silver bullet of the day, and many com- 
panies indeed benefit from it. But the 
dirty little secret of outsourcing has 
emerged: Everyone isn’t happy. 


By the end of the first ‘ 
year, more than 50% of the 
companies that have out- 
sourced major IT functions 
are unhappy with their out- 
sourcers, according to an 
informal survey of my 
clients. By the end of the 
second year, 70% are un- 
happy. Studies by Dia- 
mondCluster International 
Inc. and PA Consulting 
Group have also uncovered 
significant amounts of dis- 
satisfaction with outsourc- 
ing deals. 

Doing your homework 
thoroughly is the best in- 
vestment your organization 
can make in any attempt 
to outsource [QuickLink 36778]. 
Every corporation understands the 
importance of due diligence. Neverthe- 
less, many organizations try to cut the 
amount of time spent on investigation 
before signing the contract. But short- 
cutting the due-diligence process in- 


creases the likelihood of dissatisfaction | 


with your outsourcer down the road. 

Even with comprehensive due dili- 
gence and detailed contracts, many 
companies are unhappy with the re- 
sults of their outsourcing efforts. Some 
common reasons include: 

Changing leadership. In this situation, 
the leadership team that negotiated 
the original agreement isn’t in place 
during execution. Outsourcers rarely 
confuse sales with delivery, and they 
intentionally bring in a different team 
to manage delivery. In cases where a 
large percentage of IT functions get 





seems Outsourced, the IT execu- 
tives who negotiated the 
outsourcing deal often find 
their resulting jobs too di- 
minished to be satisfying, 
and they leave. Team mem- 
bers on both sides change, 
and the new group feels less 
ownership. The new team 
needs to form a strong bond 
by confronting a large, in- 
teresting and complex prob- 
lem that needs resolution. 
Mistaking the contract for the 
relationship. Just as a prenup- 
tial agreement doesn’t guar- 
antee a successful marriage, 
detailed contract terms 
don’t guarantee successful 
outsourcing (although the relationship 
will certainly be doomed without 
them). Moreover, some teams will 
focus exclusively on the details con- 
tained in a contract. In those cases, the 
original business intent is often lost — 
the contract becomes a substitute for 
leadership and clear thinking. 

In addition, team members on each 
side need to feel they have a strong 
personal relationship with their coun- 
terparts. Changes will inevitably oc- 
cur; global business is too dynamic to 
put every possible future event into a 
contract. Strong relationships will pro- 
mote a willingness to compromise 
when needed and find creative solu- 
tions instead of pointing fingers. 

Sales puffery. The outsourcer’s sales 
team is trained to understand the 
client’s needs and formulate saleable 
solutions. Their proposals often re- 
flect their fear that the competition 
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can meet the client’s demands. Since 
they know they won't have to deliver, 
salespeople often overcommit rather 
than risk losing the sale. 

Reduced appetite for risk. When a 
company makes a bold bet on new 
technology or new business process- 
es, the individuals responsible usually 
either receive rewards or suffer career 
harm. But the risks and rewards are 
never as personal with an outsourcer 
(including systems integrators). The 
outsourcer’s IT professionals aren’t 
compensated to take risks. They’re 
paid to make the outsourced functions 
operate as efficiently as possible and 
to meet service levels. They don’t 
have the chutzpah to make bold 
moves. So companies need to make 
any visionary changes they want 
before outsourcing. 

Insufficient performance monitoring. With- 
out regular, constructive, fact-based 
performance reviews with your out- 
sourcer, you have little chance of suc- 
cessful outsourcing. Even the best met- 
rics can’t contribute to success if they 
aren’t reviewed and used to improve 
performance. If your outsourcer ac- 
cuses you of unrealistic expectations, 
or if performance reviews become con- 
frontational, hire an unbiased third par- 
ty to validate the accuracy of the met- 
rics and run the review meetings. This 
will help diffuse tensions between your 
organization and outsourcer. 

Most of all, remember that the re- 
sponsibility for the success of out- 
sourcing remains with you — even 
after the contract is signed. Being 
aware of the obstacles will give you 
the leverage to overcome them, and 
increase the likelihood that your out- 
sourcing efforts will be successful. 
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iT Careers in E-Government 


hen Karen S. Evans, the former ClO for the 

Department of Energy, was named administrator 
for the Federal E-Government office, she inherited a list of 
24 major information technology initiatives — due by year- 
end 2004. They're divided into buckets - Government to 
Citizen, Government to Government, Government to 
Business, and Internal Efficiency and Effectiveness. Simple 
labels for a complex web of myriad IT programs and 
projects that link federal, state and local governments with 
one another, with citizens and with businesses. 


However, the E-Government movement doesn’t end in 
this country. E-Government efforts are a major priority as 
reflected by professional conferences being held in India, 
Italy and Estonia. In the United Kingdom, the national 
healthcare system resides on the web, for scheduling of 
appointments to record access. 


The challenges faced seem simple, but never ending. To 
tighten management and processes — to make them more 
accessible, more effective, and more responsive — E- 
Government will use information technology to create 
improvements. A Federal Enterprise Architecture has been 
developed, and now the various agencies are looking for 
ways to use past investments in finance and human 
resources systems, for example, and to upgrade systems 
that link and cooperate with one another. 


While Congress mandated the IT upgrade across all 
agencies, it also used the E-Government Act to address the 


Technical Lead: Take business Technical Lead: Take business 


issue of people and staffing. The federal agencies, through 
the Federal ClO Council, assessed existing skills and gaps — 
defining IT security, project management and solutions 
architecture as the most important skills to achieving the 
24 initiatives. The council also found that gaps do exist and 
that many IT project leaders needed additional technical 
skill. In addition, the E-Gov staff provides policy and 
analysis, skills that are needed on top of the technical 
competency. “The solution architect is a new breed (for us) 
— someone who investigates and recommends process, 
software applications and hardware solutions to the 
reengineered processes emerging from implementation, " 
said an E-Government official. 


The E-Government Office’s lead contractors — from 
giants Lockheed Martin and Northrop Grumman to 4,000- 
employee Symantec — face the same dilemma. They need 
qualified project managers and architects; they need 
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Computer Lead Client Server Software 


Analyst Columbus GA 


people who can analyze and make recommendations, and 
they need them now. One of the very first projects of 
E-Government, designed to improve and reduce cycle time 
for gaining security clearances, is part of the recruiting 
issue. “One of our E-Government initiatives, E-Clearance, 
eases the application process significantly as an electronic 
version is now available to agencies vs. the multi-page 
Paper version many of us have endured,” said the 
E-Government official. 


Another £-Government initiative, CyberCorp 
Scholarship program, is matching graduate security 
specialists to fill requirements across the federal 
government. And, this fall, the Federal ClO Council, as 
mandated by the E-Government Act, conducted the first 
Federal Clinger-Cohen IT Workforce Assessment Survey. The 
results will be used to assess whether federal agencies 
have the IT skills and professional certifications needed and 
to aid in recruiting, retention and development planning. 
Watch for results of the study at www.whitehouse.gov/omb 


and click on EGov. 


For more information about IT Careers advertising, 
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Vice President, Recruitment Advertising 
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500 Old Connecticut Path 
Framingham, MA 01701 
Produced by Carole R. Hedden 


Programmer Analyst Scientist will lead 


requirements and define a tech- 
nical architecture. Responsible 
for collaborating with colleagues 
on system integration and soft- 
ware architecture and working 
with business consultants to 
understand customer require- 
ments. Will develop and demon- 
Strate best coding and design 
practice. Further, design and 
develop applications, develop 
server-side Java/J2EE, design 
and optimize relational database 
schemas, and develop network 
applications. Requires: Masters 
in Math, Physics, Computer 
Science or Related Field with no 
experience or B.S. in Math 
Physics, Computer Science or 
related field with two years 
experience with software design 
and development 40hrs/wk 
(8:00 A.M. to 5:00 P.M.) 
$95,430.00/yr Send two 
resumes/responses to: Case 
Number 200203263, Labor 
Exchange Office, 19 Staniford 
Street, 1st Floor, Boston, MA 
02114 
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Miami, FL 33126. 


requirements and define a tech- 
nical architecture. Responsible 
for collaborating with colleagues 
on system integration and soft- 
ware architecture and working 
with business consultants to 
understand customer require- 
ments. Will develop and demon- 
strate best coding and design 
practice. Further, design and 
develop applications, develop 
server-side Java/J2EE, design 
and optimize relational database 
schemas, and develop network 
applications. Requires: Masters 
in Math, Physics, Computer 
Science or related field with no 
experience or Bachelors in 
Math Physics Computer 
Science or related field with 
three years experience in 
Software Design and Dev- 
elopment. 40hrs/wk (8:00 A.M 
to 5:00 P.M.), $95,430.00/ yr. 
Send two resumes/responses 
to: Case Number 200203262 
Labor Exchange Office, 19 
Staniford Street, 1st Floor, 
Boston, MA 02114 


Security Applications Software 
Engineer 

SSH Communications in Palo 
Alto. CA seeks’ Security 
Applications Software Engineer 
to perform entry-level research 
design, and development of 
security applications and soft- 
ware. Will write detailed descrip- 
tions of customer needs, program 
functions, and steps required to 
develop and use SSH, IPSec 
IKE, X.509 Technology Toolkits 
and other software computer pro- 
grams. Willi explain integration 
with security acceleration chips 
and work with tech support group 
utilizing Windows NT/98/2000 
Linux, NetBSD, Solaris, VxWorks 
Enhance. Must have Bachelor 
Degree in Computer Science, or 
equiv. 1 yr security software exp 
and detailed knowledge of X.509 
and PKCS, IKE and !PSec, IP, 
L2TP, and ASN.1. Fax resume to 
H.R. at 650-618-2601 


Systems Analyst in Trumbull, CT 
to design, develop, implement 
maintain and fine-tune 
Windows NT as well as tandem- 
based real time systems operat- 
ing in Guardian environments 
using C/C++, COBOL, Java 
DDL, TAL, and pTAL program- 
languages and Non-stop 
Enscribe, Enabie and 
Enform database technologies 
Industry experience and knowl- 
edge in financial products, mar- 
ket data preferred BS in 
Computer Science plus 1 yr. 
exp. as Systems Analyst or. 
alternatively, 3 yrs. exp. as 
Systems Analyst. Please send 
resumes to: The Nasdaq Stock 
Market, Inc 80 Merritt 
Boulevard, Trumbull, CT 06611 
or send electronically to 
careers.ct@nasdaq.com, ATTN 
Human Resources. Please ref- 
erence the following number on 
your resume, #200306. We are 
an equal opportunity employer. 


Software Systems Engineer to 
research, design, develop and 
test operating systems software 
for multimedia internetworking in 
video streaming; design and 
develop Java Swing software 
with Sybase; use Web methods 
for integration on Sun Solaris 
and Windows NT, Java, JNLP, 
JBuilder, Embarcadero and 
Tomcat; use parallel and distrib 
uted computing and software 
engineering techniques. Require 
B.S. with three years experience 
(or MS. with one year experi- 
ence) in the job offer or any 
experience providing skills in the 
described duties. 40% travel to 
client sites within the United 
States required. Salary: $59,000 
per year, 40-hour week, M-F. 
Maii resume to: Vice Presideni 
Y&L Consulting, Inc., 605 17th 
Avenue, East Moline, IL 61244 


Debugging, design, and devel- 
opment of credit card process- 
ing and workflow automation 
system using Microsoft.NET, C 
Sharp, VB.NET, SQL Server 


Must have Bachelor's or equiva- 
lent in Computer Information 
Systems. Must have six (6) 
years of experience in an analyt- 
ical, research, or project man- 
agement environment in the 
credit card or software industry 
or related environment. Object 
Oriented and Event Driven pro- 
gramming experience using 
Visual Basic, SQL Server, XML 
Queuing, Microsoft VSS, work- 
ing on enterprise wide applica- 
tions, development and integra- 
tion of Document Management 
and Workflow Automation 
Systems Must have legal 
authority to work in the U.S 
Please send resume demon- 
Sstrating all minimum require- 
ments to: Kerri Alexander, 1600 
1st Ave. Columbus, GA 31907 
Ref #LCSSMA/KA18 


Programmer/Analyst (3 posi- 
tions) to analyze, design, devel- 
op, test, support & maintain n- 
tier, distributed & object oriented 
computer software apps for the 
IT, internetintranet & telecom 
industries; Perform stated duties 
using Java, EJB, JSP, JNO! 
SABA or DSET, SOAP, XML 
J2EE JavaScript HTML 
Crystal, RationalRose, Oracle & 
Informix. Require: Bach Deg. (or 
foreign equiv.) in Comp. Sci 
Math, an Engg. discipline, or 
closely related field, w 2 years 
exp. in job offered or in the 
design & development of soft- 
ware applications; Paid travel to 
client sites within the U.S. is 
required; 8a-5p, M-F; Send 
resume to HG-HR, SysArch Inc 
3370 Commons Gate Bend, 
Norcross, GA 30092 (no phone 
calls please) 


opening: 3 
Software design and develop- 
ment, in Java, J2EE, Corba 
OOP in a UNIX, environment 
UML, RUP, ratio rose, Clear 
Case, clear q rbix 2000 
weblogic 8.X dream 
weaver, vignette. Minimum edu- 
cation of Bachelors puter 
Science or related fields is 
required with 2-3 years of expe- 
rience or masters in computer 
Science or related fields with 1 
2 yrs of experience 
Programmer Analyst 
Opening: 3 
Software design and develop- 
ment, in C/C++, Co OOP in 
a UNIX environment, UML, RUP. 
rational rose, Clear Case, clear 
quest, orbix 2000, weblogic 8.X 
Oracle, dream weaver. minimum 
education of Bachelors in com- 
puter Science or related fields is 
required with 2-3 years of expe- 
rience or masters in computer 
Science or related fields with 1- 
2 yrs of experience 
Send resume to: 
Semafor Technologies LLC 
3300 Holcomb Bridge Rd, 
#212 
Norcross,GA-30092 


Programmer Analyst w/exp to 
analyze, design, test & devel- 
op data processing & soft- 
ware applications using SQL 
Server, XML, Visual Basic 
Script, ASP, Visual Basic 
VBA, MS Access, MS Excel 
T-SQL, Visual Source Safe 
Crystal Reports, OLE-DB 
Java Script, Visual Interdev 
Rational Rose, Visio, Filenet 
& Panagon IDM. Send 
resume to: Global Software. 
inc. 3200 Atlantic Avenue 
Suite 200, Raleigh, NC 
27604 


new specialty polariza 
»ptical fiber 

develo 
2 new test 
nced fiber tes 
est training for all 
volved in testing 
h manufacturing and devel- 


employees 


vv Jevelop the 
ecipes for the specialty 
nce. Will modify 
»cess for ufac- 
Ww support ail 
Jevelopment and 
s. Will research 
lew specialty fiber 
ncluding Rare earth 
fibers Will qualify 
Company's manufacturing and 
develop test procedures and 
implement calibration 
res Bachelo 


ules. R 0 
equivalent in 


Science or 
Electrical Engineering, Physics. 
or Optics and three (3) years in 
job offered or three (3) years 
experience testing and develop- 
Ng optical fiber. OR, in the 
alternative, Master of Science 
or equivalent in Electrical 
Engineering, Physics, or Optics 
and one (1) year in job offered or 
one (1) year experience testing 
and developing cal fiber. 
t also possess 
O ted expertise design- 
ing polarization-maintaining 
optical fiber demonstrated 
Jeveloping MCVD 
receipts for fiber; and demon 
strated expertise implementing 
the telecommunication indus- 
try’s standards for optical fiber 
testing and qualification 
Salary $82,400/yr, M-F 
9AM-5PM. Send 2 resumes to 
Case # 200202888 Labor 
Exchange Office. 19 Staniford 
St.. 1st fl, Boston, MA 02114 
EOE. Applicants must be work- 
ers eligible to accept full-time 
employment in U.S 


expertise 
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Programmer Analyst- (Plymouth 
Meeting, PA) Research, design, & 
develop existing computer appli- 
ations on Microsoft Windows 
system & other systems in con 
tion with hardware product 
development Analyze, design 
test & implement computer appli 
Ns supporting the availability 
nong Microsoft & other different 
operating systems. Req'd: Bach 


omp. Science 


mp 
or related field & 2yrs. exp 


b offered or 


Must have exp w 


Software Developer 
Research/develop software per 
lent needs using Java (J2SE 
ASP, Net.Data 
JavSc on Wir 
OS; deve 
Jakarta Tomcat 
2re aS primary app 
ith Db2, Oracle, MS 
Server, PostgreSQL as back- 
end database h support as 
needed. Req. MS Comp. Sci. & 
mos. exp. in job/Software 
Development Research or relat 
ed Mai resume 
TaxAutomation 2300 
Rd., Ste. 420W Boca Raton 


1. No calls. 


Corporate Computer Services 
CCS) has multiple openings for 
System/Programmer Analysts 
for both entry & experienced lev 
els (minimum BS). Skills in fol- 
owing areas C/C++, VB, Oracle 
are plus. We are small but we do 
not lay off. Attractive wage w 

1efits. Apply HR@ccsiusa.net 


Meridian Technologies looks for 
IT professionals for various posi- 
tions in the area of Oracle, SAP. 
SQL, Java, Web applications 
Unix, etc. Candidates must have 
BS or equivalent with some IT 
experience. Travel required 
some positions. Please contact 
marali@meridiantech.net. EOE 


Analysts to analyze 
and implement ecom- 
e and other solutions using 
IDOC, EDI 


Vindows OS ; perform gap 
analysis of customer EDI reqs 
and business appls 


tions; troubleshoot 

EDI fi install/configure 

Gentran Se document pro- 
gram development process 

BS or foreign equiv. in 

(any branch) & 2yrs 

Travel involved. High 

F/T. Resumes to: HR 
Solutions USI, _ Inc 

ens Port Dr S 25 


J Analysts to analyze 
design/develop s/w appis using 
aScript /BScript 
Weblc Oracle 
COBOL, DB2, CICS under 
Windows, UNIX & M\ OS 
perform unit, functional, integra- 
tion, regression and systems 
level testing; analyze user reqs 
prepare design documents 
develop & enhance online & 
batch programs; implement 
install, test, debug and modify 
new/existing appis. Require: BS 
or foreign equiv. in CS/Engg 
(any branch) & 2yrs exp. in IT 
Travel involved. High Salary 
F/T. Resumes to: HR, Global IT 
Solutions USI Inc., 600 
Stevens Port Drive, Ste 125 
Dakota Dunes, SD 57049 


Lae Melos 


The World 
Of Work Is 


Changing 


Seeking qualified applicants for 
the following _ position in 
Memphis/Collierville, TN enior 
Project/Process Analyst. Per- 
form planr d analysis for 
complex pr processes 
and/or ongoing programs. Req- 
uirements: Bachelor's degree* or 
equivalent in business, computer 
science, MIS or related fieid pius 5 
years of experience in planning 
project management or process 
of IT projects. Exp: 

erience with CVS also required 
“Master's degree in appropriate 
field will offset 2 years of general 
Submit resumes to 

FedEx Corporate 

Summit Tower 

), Orlando, FL 


Programmer Analyst w/exp to 
analyze, develop, code, imple- 

custom S/W application 

Java, ASP.Net, VB.NET, 

Window Forms, Web 
Services, T-SQL, SQL Server, 
XML.NET, XSLT, Xpath, HTML 
DHTML, Visio, Crystal Reports. 
MSMQ on Unix, Linux & 
Win/platforms. Design, build & 
administer database. Send 
resumes to: LJ. Burt & 
Associates, Inc. 222 Mandalay 
Canal, Irving, TX 39. No in 
person resumes/interviews; only 


respond by mai 


Internet company seeks 
PhD Research Engineers 
responsible for innovative 
research. Interested appli- 
cants should send resumes 
to: K Wolfe; 1501 Salado 
Mt. View, CA 94043. Visit 
www.googie.com for addi- 


tional information 


Systems Analyst/ ASP Developer 
to design/ support web appins 
user reqs., sys. updates, develop 
unctionalities Coding 
g ASP. VB ADO 
COM/DCOM, IIS Visual Interdev 
VBScript, and JavaScript on NT 
platform Interface with SQL 
Server using ODBC, Transact- 
SQL Stored Procedures, Triggers 
for Data Access. Analyze client 
specs., design data model, user 
interface and develop enhance- 
ments. Perform testing, monitor 
perf. & refine utilities. Oversee 
QA/QC. BS in Electronics or CS 
+ 3 yrs. exp. in job duties. Apply 
t BCA 2180 Satellite 
Boulevard, #325, Duluth, GA 
30097 with proof of permanent 


work auth. Comp. Salary. 


Prog Analysts to analyze 
design, develop appls using: C 
VB, JavaScript, HTML/DHTML 
EJB, JSP, ASP, Serviet, UML 
Oracle, SQL under Windows 
OS; perform initial study of req 
and provide feedback; provide 
on site maintenance support 
debug, modify, fine tune and 
perform code _ optimization 
Require: BS or foreign equiv. in 
CS/Engg.(any branch) & 2 yrs of 
in IT. High Salary. Travel 
olved. F/T. Positions avail- 
able in Elgin, IL and Lower 
Gwynedd, PA. Resume to: HR 
Fourth Technologies, Inc., 1108 
N. Bethlehem Pike, Suite 8 
Lower Gwynedd, PA 19002 
Specify location desired on 
resume 
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aeetuctruc meee 


The World Of 
Work Is Changing 
Every Week. 


IT|Careers 


Software Engineers needed 
Seeking qual. candidates pos- 
sessing BS or equiv. and/or rel 
work exp. Part of the req. re’ 
work exp. must include 3 yrs 
working w/ Java. Duties include: 
Perform web based app. devel- 
opment, & supportitrain staff on 
Java; Establish & maintain 
AS/400 & DB2 databases 
Develop inter-process & inter 
system comm. protocols. Work 
w/ Java, JSP. Web Sphere, & 
DB2/400. Send res.. ref., & sal 
req. to Bennett Technology 
1001 Industrial Pkwy., P.O. Box 
569, McDonough, GA 30253 


Engineering Analyst need- 
ed in Austin, TX to 
research, design, develop 
automated test and mea- 
surement solutions and 
instrumentation hardware: 
software using LabVIEW, C 
and HMI software. Must 
have a Bach. in Engg and 2 
yrs exp. in job offered or 2 
yrs exp. in hardware and 
instrumentation for test and 
measurement E-mail 
resumes to ruth.hale@vi- 


DATAFORMIX Technologies, Inc 


has openings in Delaware & 


nationwide for computer proffis 


w/ two yrs of exp in the fo 
ing skills: VB, VBScrip' 
Java, Java’ 


JNI, JDI 


Server, HTN 
Site Server 


RogueWave 
Administration 

Admin., Network Management 
CciSCO Routers Nove 


Netware n 20 Unix & 


She’ 

Linux 
Perforce. 
BPWin 

Deg 

jeg & 


Candidate si 


tech.com. Put code SE on : 
travel & re 
the resume Benefits. Sa’ 
commensurz 


hr@dataformix.com 


K&M Softech is looking for pro- 
grammer/system system, soft- 
ware/project engineers or IT pro- 
fessionals. Both entry & experi- 
enced levels needed. Some Activity 
positions require travel. Skills in 
C/++, V8, Oracle, SAP, SQL are ate business applications 
plus. Please send resumes to Rapid Application Developr 
Recruit@kmsoftech.com. EOE techniques. Will work 

ness users t 
Multiple Openings for software systems & 
Project Engineers, Systems sis for new syster 
Analysts. Develop & Design technica’ Jocumentatio 
Software systems using system application; work with a team to 
tools and programming skills on design the most effective appli- 
multiple platforms/operating sys- cation, will be respons: 
tems and databases. Full-Time 
job & Competitive wage. Contact Cé > maint C > Related exper 
hr@iwiztech.com. EOE s p PP ence must de 3 years 


& 
Profitability applica’ 


managing application's - Z jited credentials evalua- 


ods. Above 


SOFTWARE ENGINEER to 
design, develop, implement an 
test application software 
C/C++ and SANcentral 
DevSuite (SCDS) in Windows sess demonstrated 
environment for storage man- developing 
agement software; write Snap- 
Ins using COM in Microsoft 
Management Consoie; SCSI 
TCP/IP and UDP protocols; I/O 
subs 1s, software drivers 
operating systems and storage 
area network. Require: B.S. in 
Computer Science and three 
years experience in the job 
offered. Competitive salary and 
benefits, 9 am to 6 pm, M-F. 
Apply with resume to: Principal 
Factotum, Datacore Software 
Corporation, 6300 NW 5th Way 
Fort Lauderdale, FL 33309 


LUCKILY, WE-ARE Foo! 


itcareers.com 1S now 


powered by 
CareerJournal.com! 


Search for jobs and post 7 
your resume here on | fcr Pe ees 
www.itcareers.com 


or call:(800) 762-2977 
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COMPUTER/INFORMATION ObjectWin is loo 
Programmer/System 

TECHNOLGY - Cap Gemini other IT professionals 

Ernst & Young U.S. LLC is cur. 

rently seeking individuals to fill 


Consultant and Manager posi- 


ngs s r SQL, Oracle f 
Software Engir NT. Sun = 
must have BS v and Pr 
using Job Cobol, JCL c 
Tre 1 
Ref#1181 for Consultant or Travel may | 
positions. We are sma - 
#1182 for Manager. EOE. NO ble. Competitive s Emmons 
apply at bapujik Ste 450 


PHONE CALLS EOE “a 44131. EOE 


http://www.us.cgey.com/careers: 


eRecruit.asp 


and cover 


CorelVal 





Technical Consultant 
(Technical Support Engineer) 


Under minimal supervision, pro- 
vide architectural, technical 
design development and 
deployment services on various 
complex technical engagements 
ranging from short-term techni- 
cai consulting to large scale 
clien/partner projects in multiple 

and platforms. Analyze 

tr business require- 

and software/product 
objectives. Develop application 
design: to meet customer 
needs. Serve as a technical 
advisor to clients/partners in 
optimizing use of various com- 
pany products. Estimate time 
frames, quality and quantity of 
resources required to success- 
fully implement _ projects 
Develop project plans with 
Project Managers. Establish cri- 
teria concerning deliverability 
performance maintenance 
design and costs. Conduct peri- 
odic status checks to assess 
progress against plan. Performs 
re-forecasts of project variables. 
Contribute to the sharing of 
knowledge and best practices 
based on engagement experi- 
ences. Assist as needed on pre 
sales opportunities such as RFP 
responses, proposal delivery 
architecture assessments, and 
technica! qualifications. Masters 
Degree in CS/EE/Info. Sys. or 
related field. $95,000 annually 
40 hrs./wk 


Must have proof of legal author- 
ity to work in the United States. 
Send your resume to the lowa 
Workforce Center, 902 W. 
Kimberly Road, Suite 51 
Davenport, lowa 52806-5783 
Please refer to Job Order 
1A1101789 Employer paid 
advertisement 


Senior Systems Engineer 
| needed at Brown & Williamson 
| Tobacco Corporation in 
Macon, GA. Provide 
application and technical 
| support, define project 
requirements, develop | 
application design including | 
process, functional and data | 
| flows & entity relationships. 
Code programs, develop test | 
plans, perform testing & 
document results. Conduct | 
analysis & programming of | 
application enhancements 
provide 24x7 support of 
production applications 
Identify and resolve 
problems to improve the 
application. Must possess BS 
or equiv. in education & 
exp.) in Computer Science 
or Computer Info. Sys. & 1 
yr. of exp. as a Senior Systems 
| Engineer, Programmer 
Analyst or IT Consultant 
incl. exp. in the design & 
development of manufacturing | 
process control environment. | 
Send resume by mail to 
Melissa Harden at 401 S 
4th Street, Ste. 200 
Louisville, KY 40202-3426 
Resumes without salary 
requirements will not be 
considered. Faxes and emails 
| will not be responded to 


SOFTWARE ENGINEER to 
design, develop, maintain and 
mplement applications to 
process online transactions 
JMX, Introscope, Java 
STRUTS Framework) 
EJB, JMS, JavaScript 
J XML, Rational Rose 
Clear Case and WebSphere 
under Windows NT operating 
system. Require: M.S. degree in 
> Science/Applica- 
or a closely 
aid with 2 yrs of exp in 
offered. Competitive 
salary offered. Apply by resume 
to: Dave Bloomquist, Globai 
Software Development 
Services, Inc.,10 South 5th St 
Ste 700 Minneapolis, MN 
55402; Attn: Job RT. 


alee B Motos eS 


Software Engineer: Designs 
develops, modifies, and imple- 
ments customized applications 
with financial modules and 
State-wide software and sys- 
tems according to user needs 
and requirements using multi- 
tier architecture in J2EE, OO 
and Oracle database as well as 
design-patterns. Develops and 
directs applications testing pro- 
cedures and programming 
Writes technical documentation 
Will serve as Team Leader for 
Technical Development and 
Application Development 
Teams and as a member of the 
Architecture Team Must have 
BS or equivalent in CS/Math 
Engineering or related Must 
have 3 yrs exp. in job offered or 
in Design and development of 
financial modules using Oracle 
& OO languages . Will accept a 
foreign degree evaluated by a 
recognized authority as equiva- 
lent to a U.S. bachelor's degree 
Must have large project experi- 
ence. Must be willing to be 
assigned to unanticipated client 
sites throughout the state of ME, 
NH, VT.. Salary: $85,000/yr Hrs: 
8:00am-5:00pm, 40/wk. Please 
send 2 copies of resume to: Job 
Order #2004-048, P.O. Box 
989, Concord, NH 03302-0989. 


COMPUTER/IT 
Security Engr, Managed Svcs. 
Framingham, MA. Assist w/pre- 
sales efforts to drive vol. of 
DiData's Managed Security 
Service (MSS) Deploy new cus- 
tomers onto MSS _ platform 
Provide Level 2 & 3 scrty. sup- 
port for cust. w/Uptime on scrty 
prod. & w/MSS. Dvip. & present 
MSS status at qtriy. review mtgs 
Dvip. & support co's 
mngd. Intrusion Detection svc 
Work w/Checkpoint Firewall 
Cisco Pix Firewall, Cisco 
Intrusion Detection installation & 
config, & IP ntwrk. REQS 
Bach's (or equiv combo. educ 
and/or exp) in CS, IS, or Engr 
plus 2 yrs. exp. in job offd or as 
Security Specialist/Admini- 
Strator. Exp, which may be con- 
current, must incld 2 yrs exp 
Cisco Pix Firewall & w/ imple: 
n Mail 
DiData 


Database Administrator 
Louisville, KY: Implement, tune. 
maintain, recover and backup 
Oracle RDBMS, SQL Server 
and PL/SQL databases. 
Develop physical and logicai 
data mod stored procedures. 
Bourne, Korn and Shell scripts 
ar ystal Reports. Requires a 
Bachelor's Degree in Computer 
Science or equivalent, pius at 
least two years work experience 
asa grammer Analyst using 
Oracl PL/SQL and Shell 
Scripting. Reply with resume to 
Recruiter, P.O. Box 6351 
Louisville, KY 40206-0351 


Software Professionals 


RS Software, a leading, glob- 
ally positioned software 
development and consulting 
firm needs System Analyst 
willing to relocate to its client 
job sites nationwide with 
experience in upgrading 
troubleshooting and mainte- 
nance of customer specific 
network in Unix, Solaris, AIX 
and Windows NT environ- 
ments. Send resumes to: HR 
RS software (India) Ltd., 
1900 McCarthy Bivd., # 103 
Milpitas, CA 95035 


Newton, MA Corporation looking 
for a Lead Software Engineer. 
Resp. for assisting in the 
advanced design, development 
and testing of software technolo- 
gies Responsibilities will 
include; development of test 
harness for page-based 
applications; development 
smoke testing and regression 
framework for tag-based web 
applications; Configuration and 
tuning of Java-based page com- 
pilers; and evaluating Neo com- 
patibility using the CFML lan- 
guage. Implementation and test- 
ing of ColdFusion 6 administra- 
tive user interface, using 
ColdFusion markup language 
Java and JSP. Monitor and 
respond to Macromedia's public 
beta customer discussion 
forums, providing external inter- 
face to engineering team 
Req. Four years of related expe- 
rience as a Software Engineer, 
9-5pm, $105,000, per annum 
Send resume in duplicate to 
Case, #200201535, Labor and 
Exchange Office 19 Staniford. 
1st Floor, Boston, MA02114 


Sr. Software Engineer to 
design develop, implement. 
test and maintain Web-based 
application software in n-tier 
environment using object ori- 
ented programming Java 
J2EE, Serviets, JSP, EJB 
RDBMS, Oracle, XML, HTML 
JavaScripts and Weblogic under 
Unix, Sun Solaris and and 
Windows Operating Systems 
Require BS Degree in 
Computer Science an 
Engineering discipline, or a 
closely related field with more 
than 5 years of progressively 
responsible experience in the 
Job offered or in the related 
occupation of Programmer: 
Analyst, Programmer. Extensive 
travel on assignments to various 
client sites within the US is 
required. Competitive Salary 
offered. Apply by resume to 

Ravi Kandimalla, President 
EVEREST COMPUTERS INC 

900 Old Roswell Lakes 
Parkway, Suite 300, Roswell 
GA-30076: Attn: JobKS 


Senior 
Programmer Analysts 


We are looking for experienced 
ogrammers with the following 
at least 2 years experi. 
ence with Microsoft VBscript 
HTML, Active X, Jscript and 
ASP/Il, SQL Server, Crystal 
Reports, PL/SQL and Loan 
Quest mandatory. A degree in 
Computer Science or Infor- 
mation Technology is required 
Must have excellent communi- 
cation skills, both verbal and 
written. Excellent technical peer 
group to work with. Some travel 
may be required. For consider 
ation, please fax your resume to 
(904) 356-1099 or e-mail to 
hr@MortgageFlex.com NO 
THIRD PARTY. For further info 
go to www.mortgageflex.com 


itelligence Inc seeks SAP 
Technical Solutions Architect 
with bachelor's in busines 
math, comp sci, eng. or related 
field & 6 mos exp in ABAP pro- 
gramming, reporting & interfac- 
ing in SAP R/3 system. Must be 
SAP certified in ABAP Dialog 
Programming 46 ABAP 
Workbench User Dialogs 
Business Workflow Intro, & 
Business Workflow Build & Use 
Also seeking Project Mgr with 
bachelor’s in business, math 
comp sci, eng or related field & 
2 yrs exp in implementation of 
SAP SD & MM. Must have SAP 
training in SD Business 
Warehouse Advanced Analysis 
Business Warehouse Data 
Warehousing & Demand 
Management Please send 
resumes to Art Blanco, Human 
Resources Director @ art.blan- 
co@itelligencegroup.com 


IT|careers.com 


Senior Database Developer 


Duties: This is a full-time posi- 
tion paying $85,000 per year. 
The Senior Database Developer 
will: independently design and 
develop complex database com- 
ponents for e-commerce based 
systems using NT, UNIX 
Oracle, MS SQL, PL/SQL, SQL 
Windows and Sun (Forte) 
Workshop; conduct unit testing 
and debugging on database 
components along with 
system/integration testing; and 
conduct performance tuning on 
database components. 


Minimum Requirements: A 
Bachelor's Degree (or the for- 
eign equivalent) in Computer 
Science, Engineering, or a relat- 
ed field; at least 3 years experi- 
ence with NT, UNIX, and Oracle 
at least 2 years experience with 
MS SQL PL/SQL and 
SQLWindows; and at least 1 
year experience with Sun 
(Forte) Workshop. 


Applicants should submit two 
copies of resume to 
Case #200203281 
Labor Exchange Office 
19 Staniford St., 1st Floor 
Boston, MA 02114 


Software Engineers Needed 


Design and develop ENOVIA'S 
Application Software. ENOVIA is 
a leader in developing and 
implementing innovative Digital 
Enterprise Solutions. ENOVIA'S 
Cutting Edge solutions include 
WEB based Digital applications 
designed to help manufacturers 
create, manage, communicate 
and digitally simulate all aspects 
of the product life cycle. 


Requirements for various level 
positions include degrees in 
Computer Science, Engineering 
or a closely related field 
Experience preferred in 
Java/C++, SQL, Windows NT 
and Unix 


ENOVIA offers a competitive 
salary and comprehensive ben- 
efits package. Qualified appli- 
cants please forward your 
resume and salary requirements 
to: enoviahr@enovia.com 

EOE 


COMPUTER/IT 
Support Specialist (Irvine, CA) - 
Utilize experience in commercial 
record center operations man- 
ment to provide advanced 
technical support to customers 
in connection with the develop- 
ment & modification of special- 
ized software designed by 
O'Neil Software, Inc. for the 
commercial record center indus- 
try. Requires 1 yr. of post-sec- 
ondary comp.-related training 
and 3 yrs.’ exp. in the job offered 
or 3 yrs.’ exp. managing com- 
mercial record center opera- 
tions Training must include 
advanced computer applications 
and network operating systems 
Stated exp. must include at least 
1 yr. of exp. as an end user of 
O'Neil software & practical exp 
utilizing MS SQL Server. 
Windows 2000 Server, or 
Windows NT Server & network 
operating systems, and provid- 
ing direct customer support 
Must pass technical exam 
Apply with resume to: O'Neil 
Software, Inc., Dept: 33, 11 
Cushing, Irvine, CA 92618 
Reference: SSLC 


ta new 
career 
Check out our jobs 
in the combined 


CareerJournal.com 


database. 


www. itcareers.com 
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Senior Programmer Analyst 
Convert customer requirements 
into program specifications 
Analyze impact of proposed 
solutions on business applica- 
tions. Ensure satisfactory func- 
tioning through testing, analysis 
of results, and correction of defi- 
ciencies according to customer 
requirements. Serve as team 
lead for the Enterprise server 
development team Review 
work of development team 
members. Must have Bachelor's 
degree in Computer Science 
Engineering or related field, one 
year experience, and must be 
able to use Visual Basic, C 
C++, SQL, HTML, Object 
Oriented Design, and Oracle 
databases. Send resume w 
cover letter to APAC Customer 
Services, Inc., Attn Cindy 
Corkery, 6 Parkway North 
Center, Deerfield, IL 60015 
EOE/AA 


APAC CUSTOMER SERVICES, 
INC. is not affiliated with APAC 
Inc., the road paving and con- 
struction materials company. 


Looking for 
a new. career? 
The new 
itcareers.com 
and 
CareersJournal.com 
combined 
jobs database 
can help you find 
one. 

Check us out at: 
www.itcareers.com 


or call (800) 762-2977; 


Senior Systems 
| Developer 


IT job openings? 


Post them in our 


jobs database at: 


www.itcareers.com 


CW031110\N4 





COMPUTER/IT 

Software Engineer. Req. Bach.'s 
degree (or foreign equiv.) in 
Comp. Science, Comp. Eng., or 
Physics, & 3 yrs.’ exp. in the job 
offered or 3 yrs.’ exp. in s/ware 
eng. and/or devel. of internet- 
based technologies, involving 
s/ware design, program design 
& code optimization. Stated exp 
must incl. design, coding 
debugging, & testing of s/ware 
using multiple programming lan- 
guages, incl. C++, COM & SQL 
rel. to: distributed systems; serv- 
er-side technologies; algorithms 
& multithreading & synchroniza- 
tion. Design, develop & imple- 
ment internet-based technolo- 
gies, incl. server-side technolo- 
gies, to collect, maintain & orga- 
nize real-time digital imaging 
data for clients. 40 hrs./wk 
Apply w/ resume to: Ref.# 
34200, Careers, Vistascape 
Technology Corporation, 300 
Galleria Parkway, Ste. 690 
Atlanta, GA 30339. The compa- 
ny is also looking for a Product 
Manager. a Director of 
Channels, & a QA Analyst 


COMPUTERIIT 

Business Developer & Regional 
Manager for Latin America 
Requires a Bachelor's Degree 
(or equiv.) in Systems & 
Computer Engineering or a 
related field. Must also have 7 
years of experience in the job 
offered or 7 years of experience 
leading & performing computer 
risk security assessments. All of 
stated experience must include 
performing information security 
policy development & strategic 
planning; implementing security 
software and policies to protect 
business infrastructure; perform 
ing return on investment analy- 
sis; & designing security sys- 
tems. Must be fluent in Spanish 
on a business level & willing to 
travel internationally up to 509% 
of the time Job based in 
Atlanta, GA but time will be 
divided between GA & home 
location. Co. will pay commut- 
ing expenses. Send resume to 
S. Walker, Internet Security 
Systems, Inc., 6303 Barfield 
Road, Atlanta, GA 30328 


SENIOR DATABASE ADMINIS- 
TRATOR to administer, develop 
implement and maintain data- 
bases using MS SQL Server 
Visual Basic, ASP, IIS and Erwin 
on Windows NT, Windows 2000 
Advance Server and Compaq 
7000 platforms; Instal and con 
figure SQL Server on MS 
Cluster Server, and design three 
level disaster recovery plan with 
Log Shipping under a clustered 
environment; Plan and imple- 
ment processes to streamline 
database changes across sever- 
al environments. Require: B.S 
degree in Computer Science. 
Engineering, or a closely related 
field with 2 yrs of exp in the job 
offered. Extensive travel on 
assignment to various client 
sites within the U.S. is required 
Competitive salary offered 
Apply by resume to: Ravi 
Kandimalla, President, Everest 
Computers Inc 900 Old 
Roswell Lakes Pkwy, Ste 300 
Roswell, GA 30076; Attn: Job 
KD 


Information 
Overload? 
Take a break at 
itcareers.com 
and take the 
hassle out of job 
searching! 


AAS : s.com 


IT|\careers.com 


SR. PROGRAMMER/ANALYST 
Design, develop and impiement 
E-CRM_ applications using 
KANA-ECRM suite KANA- 
Eservice KANA-IQ). Develop- 
ment of email management 
systems using KANA-RES 
PONSE, Microsoft technologies 
like VB, ASP, Visual Interdev 
and XML, VISIO, XSLT, JAVA: 
Script, Jscript COM/DCOM 
Design and develop workflow 
based intranet applications 
using Microsoft technologies 
(.NET, VB.NET, ASP.Net, C#) 
Design and development of the 
report applications using CRYS- 
TAL REPORTS. 40 hours/ week 
8:00 a.m. to 5:00 p.m., $60,000. 
year. Bachelor's degree or 
equivalent in Computer Science 
or related field Equivalent 
work experience or a combina- 
tion of experience/education 
would be accepted in lieu of 
bachelor's degree. Must have 
proof of legal authority to work in 
the United States. Send your 
resume to the lowa 
WorkforceCenter, 590 iowa 
StreetDubuque 1A 52004- 
0757 Please refer to Job 
Order #1A1101808. Employer 
paid advertisement 


COMPUTER/IT 

Applications Systems Analyst 
Programmer Sr. (Princeton, NJ) 
Reg. Bach. deg. (or equiv. for- 
eign educ.) in Comp. Sci. and 2 
years’ exp. in the job offered or 2 
years’ exp. in system analysis & 
Java programming using JRUN 
& Webstart platform tools. All 
stated exp. must include Java 
GUI programming using SWING 
components in stand-alone 
applications. Must have exp 
programming in C/C++ and 
developing software applica- 
tions related to standardized 
assessment testing. Perform 
system analysis and Java pro- 
gramming using JRUN & 
Webstart platform tools to devel- 
op software applications related 
to standardized assessment 
testing Analyze __ technical 
requirements and participate in 
Java GUI programming using 
SWING components in stand- 
alone applications. 40 hrs./wk 
Apply with resume to: Kelly 
Abernathy-Porch, Educationai 
Testing Service Rosedale 
Road, Princeton, New Jersey 
08541. EOE 


Sr W/T Specialist (Software 
Engineer), Pittsburgh, PA & vari- 
ous client sites throughout the 

Render consulting ser- 
vices to clients & provide sup- 
port & guidance to Web applica- 
tion development & deployment 
team members analyze 
research, design & develop soft- 
ware systems using Java, C++ 
SQL & WebSphere on UNIX 
operating system; expand on 
electronic business, including 
J2EE software development 
web application scaling, web 
site performance, & security. 
Perform tech tasks such as 
overall solution architecture 
analysis, design, programming 
performance tuning, product 
installation, & system integra- 
tion Requires Bachelor's 
degree or equivalent in Comp. 
Sci Eng or Comp 
Communications & two years of 
experience in the job offered or 
two year of experience as a 
Software Engineer or Developer. 
40 hrs/week 9am-6pm 
$95,000/yr. Reply to Job Order 
# WEB369363, Site Director. 
Pittsburgh/Allegheny County 
CareerLink, ATTN: CL Program 
Supervisor, 425 Sixth Avenue 
Suite 2200, Pittsburgh, PA 
15219-1837 


Should be having 6+years of 
nce in design, develop- 
testing, implementation 
documentat Of Client 

server and Web applications 

using .Net Framework and 
expertise in developir 

tion in ASP. Net, VB.Net, ADO 

Net, C # Java.JSP’s and Web 

Services and Strong experience 

in developing applications Visual 

Source Safe 6.0,Rational 

Rose, lIS, VB, Java ASP. 

JavaScript, VB t, XML 

XSL,COM + components and 

MTS and We extens 

with SQL s a 000), Oracle 

(91)/8/7.1 and M Access 

Databases Jsing Stored 

Procedures, Trigg Norked on 

Internet cations and three 

tier architecture proje g 

operating systems like UNIX 

d WINDOWS NT as 
vironment 

ent side validation 

cript and style 

sheets, JSP's.With Experiance in 

Software and De n 

Business Administration is 

required as this postion needs 

extensive interaction with busi- 
ness models and deviopment 


mes should be sent to 226 
Paul St.#204, Pittsburgh, PA- 
15211. Job Order # 359770 


fessionals v ting 
exp. in the following areas or a 


combination thereof 


fants ir 
CO, F g & HR 

SD, MM, PP, PP-P!, AM, PM &PS 

EDI, Basis 

RDBMS 


Tools & O: 


PeopleSoft 
Tools, PeopleC: 
&D 
We offer 
benefits. Requ 
wi 2 to 

Must 

sites throug 
ma 


ntelligrour 


Infinite C ting Systems a 
Cedar Rapids, lowa Company is 
seeking qualified computer pro- 
fessionals Current positions 
available must meet the follow- 
ing requirements. All pc ions 
require at least a Bachelors 
degree (3 year fgn Bachelor 
degrees are ptabie) 

ma nave tional positions 
available in addition to the ones 
listed Multip Dositions are 
likely available in some posi- 
tions andidate’s salary 
Offered relative to experience 
and skills. Candidates must be 
willing to relocate and travel as 
needed. 


2 yrs exp 

+ Java, HTML, XML, Weblogic 
or Websphere 

+ Expeditor, IDMS, DB2 

+ CRM (e.g. SAP, Peoplesoft or 
Oracle functional/technical) 

+ Visual Basic, SQL, ASP.net 
SQL Server 

+ Easytreive, QMF, Cobo! 
CICS, SAS, TSO/ISPF 

+ C, C++, GUI, Oracle or 
Informix or Sybase 


Please send resume and cover 
letter to: Raj Inani, President, 
Infinite Computing Systems 
Inc., 230 2nd Street - Ste 214 
Cedar Rapids, |A 52401 


ale Baetes a 


Systems Engineer: Design and 
develop complex workflow sys- 
tems for automation of pre- 
ordering and ordering systems 
using Oracle, enterprise Java 
beans (EJB), CORBA and C++ 
on a UNIX platform: perform 
design analysis of deployment 
mechanisms of applications 
develop strategies for smooth 
secure display and transfer of 
information; design asynchro- 
nous communication mediums 
between distributed applications 
and different legacy mainframe 
systems; perform research and 
development in operation sup- 


port systems for telecommunica- 


tion network operations; imple- 
ment and analyze advanced 
high-performance supp 
network app 
ig nal database 
techniques; create, maintain 
analyze, develop and administer 
large distributed database and 
software systems. Requires a 
Bachelors degree n 
Engineering or Computer 
Science and either three years 
experience in the job offered or 
three years experience in soft- 
ware engineering using Oracle 
EJB, CORBA and C++ on a 
platform Salary 
0 per year; 40 hours 
per week, 8AM to 5PM, Monday 
to Friday. To apply, submit two 
(2) copies of your resume to 
Case #20 355 
Labor Exchange Office 
19 Staniford St, 1st fi 
Boston, MA 02114 


Web/Notes Progr Analyst. Milan 
TN: Respons for the coding 
testing, and impi applications in 
a Lotus Notes environment 
Provide support to user commu- 
nity in solving bus. problems and 
meet corp. objectives; Provide 
R5 desktop user support 
Perform remote troubleshooting 
and problem resolution; Export 
data from us Notes to AS/4( 
using ODBC; Generate reports 
for business analysis in Excel 
and Notes using date from Lotus 
Notes, AS/400 and Sqi Server 
Imp! and devip web-t 
intranet systems using ASP. 
JAVA, HTML, JAVASCRIPT. 
DHTML, and SQL SERVER 
Manage all Domino, Sametime 
Fax servers; Configure, monitor. 
maintain and resolve problems 
for all Domino servers and appli- 
cations; Manage Domino direc- 
tories, messaging, and web 
access, create new user 
accounts and mail addresses 
Manage the LDAP directory for 
Web access; Monitor Regulate 
server performance issues and 
recommending improvements 
Plan disaster recovery and 

er backups; and Perform techni- 
cal troubleshooting of Internet 
Intranet; and Support acctg dept 
w/ cognos datamining problems 
8 AM -5PM.M-F. Bachelor's 
degree or equiv in CS or Comp 
Engg. 4 yrs exp in the position 
offered or 4 yrs exp in the relat- 
ed occupation of Comp. Eng’g 
Ref: JM. Please forward creden- 
tials to: CECO Door Products 
Attn: HR, 9159 Telecom Drive 
Milan, TN 38358. EOE. MFDV 


Seeking individuals to work at 
various locations throughout the 
US Software Engineers 
Programmer Analysts, SAS 
Data Warehouse Analysts, Tech 
Project Manager. Quality 
Assurance Engineers, DBA's 
and System Administrators. We 
are seeking individuals with any 
of the following skills: Sybase. 
Oracle, C++, VC++, Pro*C, Fox- 
Pro, SAS, Vitria Businessware 
Informatica business objects. 
Apply to: Sagarsoft, 78 Eastern 
Boulevard, Glastonbury, CT 
06033. 
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COMPUTER 
BEA Systems, In 


situr for ic 
evels/types) for loc 


CA (San Jose & San Frar 


rently has opportunities availat 


ations thr 


Seattie & Kirkland); MA 


Liberty 


Software Engineers* 


Developer Relations Engineers 
Systems Analysts / Engineers 


Database / Systems Administrators 
Product / Project / Technical Managers 


“Travel may be required 


Please reference CW1103 when you apply 


BEA Systems 


Moses, Manage 
Resources 
Company 
Farmin 
We are an Equal Opportunity 
ioyer. Visit our Web site 
at www.otis.com 


ammer with exp ir 


Internals 


xp in 
pSOS/vxWorks 


DAC's 


Weblogic, Oracle, J2 

Series, Tuxedo, Rational 
ClearQuest Clear 
PeopleSoft Java Programmer 
with exp in Peoplesoft, Java 
Oracle, Discoverer, Developer: 
Client Server Software Engineer 
with exp in eCRM packages. 
Siebel, Vantive and Onyx. All 
applicants must have B.S. in 
Computer Science, Engin 
eering or related. Apply to 
Vensai Technologies, 79 North 
Eastern Boulevard, Ste. 29A 
Nashua, NH 03062 


Procedures 

Internet appl 

tier arch 

operating systems 

Solaris and WINDO 
development 

Expertise in ts 

using Java script and style 
sheets, JSP’s. With Experiance ir 
Software and Degree in Business 
Administration is required as this 
postion needs extensive interac- 
tion with business models and 
deviopment. 40hr/wk, competitive 
salary. Resumes should be sent 
to 226 Paul St.#204, Pittsburgh 
PA-15211. Job Order # 359770. 
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Continued from page | 
Wal-Mart 


discussion points, currently 
range in cost from 20 cents to 
50 cents, according to analysts 
and consultants. 

Wal-Mart said its RFID roll- 
out will start at Texas distribu- 
tion centers serving about 150 
stores and continue incremen- 
tally across the country. The 
schedule for the rest of the re- 
tailer’s 108 distribution cen- 
ters and 3,000 stores will be 
shared with suppliers later, on 
a rolling basis, through Wal- 
Mart’s extranet site, called Re- 
tailLink, a company spokes- 
man said. 

Jeff Woods, an analyst at 
Gartner Inc., said the quickest 
and cheapest way for suppli- 
ers to meet the January dead- 
line for Wal-Mart’s three Dal- 
las-area distribution centers is 
by adopting a “slap-and-ship” 
strategy of merely affixing 
tags to case and pallets as they 





leave the shipping dock. 


Sales End, but HP e3000 
Discs Will Keep Spinning 


But some analysts and con- 
sultants said the only way sup- 
pliers will be able to justify 
the expense is to do the neces- 
sary supply chain and busi- 
ness process re-engineering 


| that ultimately will help them 


to take advantage of the more 
granular and accurate infor- 
mation. 

That will take time. Jona- 
than Loretto, a Toronto-based 


| consultant specializing in 


RFID at Cap Gemini Ernst & 


| Young, said the “Wal-Mart 


100” face 18 months of hard 
work to comply with the re- 
tailer’s requirements. He esti- 
mated first-year costs at $15 
million to $18 million per sup- 
plier for the hardware, soft- 
ware, other systems and labor. 
John Cummings, an analyst 
at BearingPoint Inc., said many 
suppliers put plans on hold 
while waiting for final details 
from Wal-Mart, but they no 
longer have the luxury of de- 
laying their RFID projects. 
Wal-Mart told suppliers that 
it will focus on UHF tags that 


Users mark end of era, say they will 
run existing systems as long as possible 





BY PATRICK THIBODEAU | 
Hewlett-Packard Co. has end- | 
ed sales of its venerable e3000, 
but many users refuse to give 
up on the system and are for- 
mulating plans to 
keep it running for 
years. 

Connie Sellitto, 
who manages an 
e3000 for The Cat 
Fanciers Association Inc., 
which runs a breed registry in 
Manasquan, NJ., said that the 
system has delivered excep- 
tional reliability and that she 
expects to continue running 
it for the next five to seven 


MORE ONLINE 


For e3000 background 
information, visit our Web site: 
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years. That reliability “is prob- 
ably why people are so emo- 
tional! about it,” she said. 
Indeed, many users, includ- 
ing Sellitto, attended “wakes” 
in hotels and bars 
and at outdoor 
barbecues on Oct. 
31 to mark the last 
day of sales of the 
31-year-old system. 
“It’s like they’re announcing 
that they aren’t doing any 
more Star Wars movies,” said 
Al Karman, director of IT at 
Lady Remington Fashion Jew- 
elry in Bensenville, Ill. The 
longtime e3000 user is moving 


| cept tags utilizing Class 0 or 


| doubt that the e3000 will re- 
| main in many enterprises. And | 
| third-party vendors are cer- 


| ready supports HP3000 Series 


| ported those systems for a 





Wal-Mart’s 
RFID Guidelines 


EPC frequency: UHF tags 
that transmit in the range of 
868 MHz to 956 MHz depend- 
ing on the regulatory region 
where the readers are located. 


Tag type: UHF tags that utilize 
Class 0 or Class 1 protocols for 
reader-to-tag communication; 
in future, tags supporting Class 
1 Version 2. 


er capable of reading different 
types of tags. 


subsidiary of EPCglobal Inc. 
Also, with Class 0 tags, the in- 


| bound and return signals are 


at different frequencies, and 
with Class 1 tags, they’re at the 


| same frequency. 


The Class 0 and Class 1 pro- 
tocols were specifications 
were developed by the Auto- 
ID Center at MIT. EPCglobal, a 
joint venture between EAN In- 


| ternational and the Uniform 


Code Council Inc., has since 
picked up the torch from the 


| Auto-ID Center. 


Wal-Mart spokesman Tom 


| Williams said the company is 
| pushing for a globally accept- 


| ed standard communication 


| transmit in the 868-MHz-to- 


956-MHz range, and it will ac- 


Class 1 protocols for commu- 
nicating with readers. 

Class 0 is factory-program- 
mable only, and Class 1 is 
field-programmable, so retail- 
ers and suppliers can program 
the tags, said Sue Hutchinson, 
product manager at the U.S. 


off the system, in part because 


| his new ERP application from 


Brookfield, Wis.-based Harris- 
Data Inc. is supported only on 
IBM’s iSeries. 
But Karman said he has no | 

| 


tainly preparing for that. 

For instance, Allegro Con- 
sultants Inc. will support the 
system through 201], said 
Steve Cooper, president of the 
San Jose company. Allegro al- 


70 systems that are still in use, 
even though HP hasn’t sup- 


decade, he said. 





Some users marked the last 
day of sales by buying sys- 


protocol, Class 1 Version 2 
(C1V2), through EPCglobal. 
But he said this shouldn't pre- 


sent a hardship if suppliers 


follow its recommendation to 
purchase “agile” rather than 


protocol-specific readers, 


since agile readers have soft- 
ware that can be updated to 
read different types of tags. 
At least two vendors, Sam- 
Sys Technologies Inc. and 


tems. Christian Lheureux, who 
heads the IT infrastructure 


| business unit at Appic RH, an 


HP reseller in Saint-Michel 
sur Orge, France, said he re- 


| ceived four orders for e3000s 
| on Oct. 31, his most successful 
day ever for the system. 


The e3000 got its share of 


| toasts for a job well done. Ter- 


ry H. Floyd, chairman of The 


| Support Group Inc., a techni- 


cal services firm that provides 


| e3000 support, marked the day 


by barbecuing brisket at an 


| outdoor party. “It’s not going 


to quit working tomorrow,” 


It’s like they’re 

announcing 
that they aren’t do- 
ing any more Star 
Wars movies. 


See eeereeesersessssesesssseeess 


AL KARMAN, DIRECTOR OF IT, 


| LADY REMINGTON FASHION JEWELRY 


ThingMagic LLC, said they 
will soon have agile readers 
for Class 0 and Class 1 avail- 
able, with plans to support 
C1V2 once it is finalized. 

But suppliers currently face 
tag-related decisions. Many 
suppliers to Wal-Mart are also 
suppliers to the Department of 
Defense, which has backed 
ISO standards as opposed to 
the EPCglobal proposals that 
Wal-Mart is promoting. 

Analysts, however, said they 
don’t expect the ISO vs. EPC- 
global issue to drag on long 
term. “They will eventually 
merge, and people shouldn’t 
worry about that now,” said 
AMR’s Romanow. 

Another potential burden 
that has been lifted from sup- 
pliers’ shoulders, at least for 
now, is the need to use the 
Physical Markup Language 
to tag product information 
and an Object Name Service 
database server, according to 
analysts and consultants fa- 
miliar with Wal-Mart’s plans. 


© 42676 


said Floyd. “It’s still going to be 
running 20 to 30 years [from 
now] by someone in some 
crazy corner of the earth.” 

In Tewksbury, England, 
Alan Yeo, an HP application 
developer at Screen Jet Ltd., 
attended a small gathering of 
HP e3000 users at a hotel. 

Yeo, who helped create the 
Web site that served as the 
master list of e3000 wakes, 
said the Oct. 31 end-of-sales 
date “does mark something 


| significant, a sort of point of 
| no return that in some way 


| Seeeseresesesesssesesosessseses | 


should be marked.” 

Among those sad to see the 
system enter retirement was 
Chuck Ciesinski, a senior IT 


| engineer and e3000 systems 


| administrator at Hughes Net- 
| work Systems Inc. who has 


used the 3000 family since 
1982. He plans to keep the sys- 


| tem running “as long as I can 
| keep disc drives spinning,” 
| Ciesinski said. “At least anoth- 


er four years.” @ 42669 
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After the End 


BM DOES IT. Microsoft does it. PeopleSoft, Siebel and Com- 
puter Associates do it. So it shouldn’t have been a surprise last 
week when SAP’s CEO, Henning Kagermann, said that for 
customers who are willing to pay, SAP will keep supporting its 
products long after regular maintenance deals have ended. 
Kagermann told a Gartner ITxpo audience in Cannes, France, that 
SAP offers four or five years of standard support, then customers 
can pay more for a two-year extension. “Even after this time, they 
can get support on a time-and-materials basis,” Kagermann said. 
“There is no unsupported client of SAP.” 
Sure, it’ll cost you. But if you'll pay, major software vendors will 
support you. That just makes sense. It goes without saying. 


Then why did Kagermann have to say it? 

That’s not an idle question. Kagermann was 
responding to reports that SAP had killed sup- 
port for its end-of-life products. Kagermann 
called those reports “stupid.” But if no one be- 
lieved those reports, Kagermann wouldn’t have 
had to say something. 

And why would anyone believe them? Maybe 
someone who read SAP’s own description of the 
status of its R/2 product on the SAP Web site: 
“On December 31, 2004, SAP’s support for the 
R/2 life cycle will end. Therefore, SAP encour- 
ages all SAP R/2 users to plan for migration.” The 
statement then shifts into a pitch for upgrading. 

Is that reasonable? Sure. R/2 is two decades 
old. Most R/2 users long ago migrated to other 
products; SAP says fewer than 250 sites still run 
R/2. It’s certainly in SAP’s interest to sunset 
R/2, and it’s likely in the interest of most cus- 
tomers to upgrade. 

But from what SAP says on its Web site, you 
couldn’t tell that customers had a choice — 
could you? 

SAP isn’t alone. Most big software 
vendors aren’t eager to point out 
that they’ll keep their creaky old 
code going for you. If you want it, 
you'll have to ask for it specifically. 

In fact, just to find out whether 
that afterlife support is available, 
you'll have to know to ask about it. 
Vendors won't deny it exists, but 
they certainly don’t advertise it. 

Result: Many customers don’t 





FRANK HAYES, Computer- 


software products your company uses. 

Not because it’s always a good idea to keep 
outdated products going as long as possible. 
But because afterlife support can inject just a 
little more reality into your decisions to up- 
grade, migrate or stand pat. 

Look, you know the price tag for an upgrade. 
And you have a pretty good idea what switching 
to a different vendor’s product will cost. You 
can make a dollars-and-cents case for either of 
those. And if you’ve been working the past few 
years with a frozen IT budget that’s just now 
starting to thaw, you'll probably be making a lot 
of those cases in the months to come. 

But what about doing nothing? That’s an at- 
tractive twilight zone. It doesn’t require an up- 
grade or migration line item. It just disappears 
from the budget, as far as top management is 
concerned. Sure, you know it will cost you — in 
time, effort and effectiveness. But how do you 
put a dollar value on that without making it 
look like a transparent guess? 

Answer: Find out from the vendor what the 
price is for afterlife support. That 
puts a number on it — a hard num- 
ber, provided by a credible out- 
sider. You can compare it to your 
guesstimate of what it will cost 
your staff to do the support by 
themselves. And you can use it to 
make the budget case for standing 
pat or making a change. 

That’s probably not the use ven- 
dors have in mind when they offer 


www.computerworld.com 


Why Would You Need That? 


Big company buys small company, and now all IT pur- 
chases must be made through HQ, 200 miles away. 
So when a new server arrives, pilot fish calls HQ to re- 
quest a UPS for it. “We have diesel-powered backup 
generators here at corporate,” he’s told. “There's no 
need for a UPS.” But we're not af corporate, fish says. 
Response: “Since we don't need UPSs, we are not al- 
lowed to budget for them. If you really think you need 
one, you'll have to buy it yourself.” Sighs fish, “We've 
been without for a year and a half.” 


Defined SHARK 
TANK. 


; shop ~ such as storing 


LAN admin pilot 
fish deploys a 
shareware moni- 
toring tool. “It’s fast, i 
costs $200,” he says. = 
But the company’s en- 
terprise architects nix 
it. “They said it wasn’t 
‘enterprise enough,’ ” 
grumbles fish. And the 
“enterprise” solution = 
tects come up with? “It 
costs seven figures, 
takes up 5% CPU utiliza- : 
tion, has an agent with a : 
down servers - and we 
had to hire two people 
just to support it.” 


All Hung Up 

It's the early 1980s, and 
this IT shop gets a huge 
long-distance bill ~ 
“about one-fifth the cost 
of a new car,” says a pi- 
lot fish working there. A 
check with the phone 
company confirms the 
problem: Software that 
transfers data to a gov- 
ernment agency by mo- 
dem is never hanging up 
the phone. Eventually, 


: checked all the cables 
; and plugs to my comput- 
: er, but they were all con- 
; Nected good and tight, 
so | just clicked OK to 


ware. “In the mean- 
time,” fish says, “the 
computer operator had 
to pick up the phone and 
manually hang up after 
each session.” 


The Un-safe 
Pilot fish is 
hired to clean 


up sloppy prac- 
tices in this IT 


backup tapes in an un- 


: locked safe. “I wasn’t 
? surprised that no one 

: knew the combination,” 
: he says. But he calls a 
: locksmith to set a new 
? combination, and gets 
? a shock. “The locking 


bracket, which keeps 


! the safe from accidental- 
i ly locking during ship- 


ping, had never been re- 


: This company’s users 

? need a Web browser 

; plug-in to access docu- 
; ments in the imaging 
system. To troubleshoot 
: a problem, IT manager 
? tech look over a user’s 
: asks if user saw any 

: ins. “Yes, | did,” she 

: says. “So | crawled un- 


der my desk and 


FEED THE SHARK! Send your true tales of IT life to 
sharky@computerworld.com. You snag a snazzy 


afterlife support. 

But after all, they all do it. You 
might as well benefit from it — one 
way or another. @ 42629 


even know they have the option for 
an afterlife. 

But it’s something you probably 
should know about the major 


Shark shirt if we use it. And check out the daily feed, browse 
the Sharkives and sign up for Shark Tank home delivery at 
computerworld.com/sharky. 


world's senior news colum- 
nist, has covered IT for more 
than 20 years. Contact him at 
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The networking landscape is changing on every level. As the 
first event of the year to examine the most critical issues facing 
the networking industry, COMNET 2004 will demonstrate how 
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